7.4 High
AI Score
Confidence
High
0.004 Low
EPSS
Percentile
73.0%
In the Upload Modules page in GeniXCMS 1.1.4, remote authenticated users can execute arbitrary PHP code via a .php file in a ZIP archive of a module.
ph0rse.me/2017/09/21/GeniXCMS-1-1-4%E6%9C%80%E6%96%B0%E7%89%88%E6%9C%AC-getshell
github.com/GeniXCMS/GeniXCMS
nvd.nist.gov/vuln/detail/CVE-2017-14764