CVE-2024-31022
CandyCMS 1.0.0 is affected by an RCE via the install.php component. A remote attacker can execute arbitrary code (high impact; CVSS 3.1: 9.8) due to the underlying vulnerability described in multiple sources. The issue affects CandyCMS’s install.php handling and does not specify details of the ro...