0.006 Low
EPSS
Percentile
77.7%
Yii PHP Framework is vulnerable to remote code execution (RCE). A malicious user can inject and execute arbitrary PHP code through the value parameter in framework/zii/widgets/CDetailView.php.
value
framework/zii/widgets/CDetailView.php
www.yiiframework.com/news/78/yii-1-1-15-is-released-security-fix/