CVE-2023-31689
CVE-2023-31689 affects WCMS 0.3.2. Affected endpoint: /wcms/wex/html.php where an attacker, using the finish and textAreaCode parameters, can write arbitrary strings to custom file names, upload arbitrary files, and inject/execute malicious code leading to command execution. This is described con...