CVE-2018-20300
Empire CMS 7.5 is affected by CVE-2018-20300. A remote attacker can execute arbitrary PHP code by supplying a crafted ftemp parameter in the enews=EditMemberForm action, because the code is injected into a memberform.$fid.php file. Affected component: the enews EditMemberForm flow in Empire CMS 7...