CVE-2017-14764

HIGH8.8EPSS 0.83%

GeniXCMS arbitrary PHP code execution

發布日:2022/5/17修改日:2024/4/25

描述

In the Upload Modules page in GeniXCMS 1.1.4, remote authenticated users can execute arbitrary PHP code via a .php file in a ZIP archive of a module.

來源	版本	嚴重程度	向量
osv	CVSS 3.1	HIGH8.8	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H