2 matches found
CVE-2018-19180
statics/app/index/controller/Install.php in YUNUCMS 1.1.5 if install.lock is not present allows remote attackers to execute arbitrary PHP code by placing this code in the index.php?s=index/install/setup2 DBPREFIX field, which is written to database.php...
CVE-2018-19180
CVE-2018-19180 affects YUNUCMS 1.1.5. The issue exists in statics/app/index/controller/Install.php (when install.lock is absent) where an attacker can inject arbitrary PHP code through the DB_PREFIX field, which is written to database.php, enabling remote code execution. Multiple connected source...