2 matches found
CVE-2018-19053
PbootCMS 1.2.2 allows remote attackers to execute arbitrary PHP code by specifying a .php filename in a "SET GLOBAL generallogfile" statement, followed by a SELECT statement containing this PHP code...
CVE-2018-19053
CVE-2018-19053 affects PbootCMS 1.2.2, where a remote attacker can achieve arbitrary PHP code execution by manipulating a .php filename in a SET GLOBAL general_log_file statement, followed by a SELECT containing the code. The root cause is the combination of allowing an external input to specify ...