CVE-2018-18934
PopojiCMS v2.0.1 is affected by CVE-2018-18934. The vulnerability lies in admin_component.php, exploitable through the po-admin/route.php?mod=component&act=addnew URI by using the fupload parameter to upload a ZIP file containing arbitrary PHP code, which is extracted and can be executed. This is...