1 results (0.002 seconds)
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-31022
https://notcve.org/view.php?id=CVE-2024-31022
08 Apr 2024 — An issue was discovered in CandyCMS version 1.0.0, allows remote attackers to execute arbitrary code via the install.php component. Se descubrió un problema en CandyCMS versión 1.0.0 que permite a atacantes remotos ejecutar código arbitrario a través del componente install.php. • https://www.xuxblog.top/2024/03/25/CandyCMS-Pre-Auth-RCE • CWE-94: Improper Control of Generation of Code ('Code Injection') •