CVE-2019-5886

An issue was discovered in ShopXO 1.2.0. In the application\install\controller\Index.php file, there is no validation lock file in the Add method, which allows an attacker to reinstall the database. The attacker can write arbitrary code to database.php during system reinstallation...

74cms content management system backend existence of arbitrary file deletion vulnerability

74cms is a free + open source professional recruitment system based on PHP + MYSQL as the core development. 74cms content management system backend there are arbitrary file deletion vulnerability, attackers use the vulnerability to delete the installation of the generated install.lock can be...