8 matches found
CVE-2024-31022
An issue was discovered in CandyCMS version 1.0.0, allows remote attackers to execute arbitrary code via the install.php component...
CVE-2024-31022
An issue was discovered in CandyCMS version 1.0.0, allows remote attackers to execute arbitrary code via the install.php component...
CVE-2024-31022
An issue was discovered in CandyCMS version 1.0.0, allows remote attackers to execute arbitrary code via the install.php component...
CVE-2024-31022
An issue was discovered in CandyCMS version 1.0.0, allows remote attackers to execute arbitrary code via the install.php component...
CVE-2024-31022
An issue was discovered in CandyCMS version 1.0.0, allows remote attackers to execute arbitrary code via the install.php component...
CandyCMS 安全漏洞
CandyCMS is a simple PHP CMS open-sourced by Stephen Radford. A security vulnerability exists in CandyCMS version 1.0.0. A remote attacker can exploit this vulnerability to execute arbitrary code via the install.php component...
CVE-2024-31022
CandyCMS 1.0.0 is affected by an RCE via the install.php component. A remote attacker can execute arbitrary code (high impact; CVSS 3.1: 9.8) due to the underlying vulnerability described in multiple sources. The issue affects CandyCMS’s install.php handling and does not specify details of the ro...
PT-2024-23728 · Candycms · Candycms
Name of the Vulnerable Software and Affected Versions: CandyCMS version 1.0.0 Description: An issue was discovered in CandyCMS, allowing remote attackers to execute arbitrary code via the install.php component. Recommendations: For CandyCMS version 1.0.0, consider disabling access to the...