PT-2024-31222 · Autocms · Autocms
Name of the Vulnerable Software and Affected Versions: AutoCMS version 5.4 Description: The issue allows attackers to execute arbitrary PHP code via injecting a crafted value into the txtsite url parameter at the "/admin/site add.php" API endpoint. This enables attackers to inject malicious PHP...