Описание
In Tiny MoxieManager PHP before 4.0.0, remote code execution can occur in the installer command. This vulnerability allows unauthenticated attackers to inject and execute arbitrary code. Attacker-controlled data to InstallCommand can be inserted into config.php, and InstallCommand is available after an installation has completed.
EPSS
Процентиль: 76%
0.00967
Низкий
Дефекты
CWE-96
Связанные уязвимости
github
11 месяцев назад
In Tiny MoxieManager PHP before 4.0.0, remote code execution can occur in the installer command. This vulnerability allows unauthenticated attackers to inject and execute arbitrary code. Attacker-controlled data to InstallCommand can be inserted into config.php, and InstallCommand is available after an installation has completed.
EPSS
Процентиль: 76%
0.00967
Низкий
Дефекты
CWE-96