7.9 High
AI Score
Confidence
Low
0.006 Low
EPSS
Percentile
77.7%
The CDetailView widget in Yii PHP Framework 1.1.14 allows remote attackers to execute arbitrary PHP scripts via vectors related to the value property.
github.com/FriendsOfPHP/security-advisories/blob/master/yiisoft/yii/CVE-2014-4672.yaml
github.com/yiisoft/yii
nvd.nist.gov/vuln/detail/CVE-2014-4672
www.yiiframework.com/news/78/yii-1-1-15-is-released-security-fix