CVE-2017-11167

2017-07-1213:00:00

mitre

www.cve.org

9.8 High

AI Score

Confidence

High

0.015 Low

EPSS

Percentile

86.9%

JSON

FineCMS 2.1.0 allows remote attackers to execute arbitrary PHP code by using a URL Manager “Add Site” action to enter this code after a ', sequence in a domain name, as demonstrated by the ',phpinfo() input value.

References

www.03sec.com/3169.shtml