1 results (0.002 seconds)
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 4
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 4CVE-2014-9185 – Morfy CMS 1.05 Remote Command Execution
https://notcve.org/view.php?id=CVE-2014-9185
17 Dec 2014 — Static code injection vulnerability in install.php in Morfy CMS 1.05 allows remote authenticated users to inject arbitrary PHP code into config.php via the site_url parameter. Vulnerabilidad de inyección de código estático en install.php en Morfy CMS 1.05 permite a usuarios remotos autenticados inyectar código PHP arbitrario en config.php a través del parámetro site_url. Morfy CMS version 1.05 suffers from a remote command execution vulnerability. • https://packetstorm.news/files/id/129624 • CWE-94: Improper Control of Generation of Code ('Code Injection') •