CVE-2020-18184

Published October 2nd, 2020

View on NVD ↗

CVSS v3

7.2

HIGH

CVSS v2

6.5

MEDIUM

Affected

PROJECT

Description

In PluxXml V5.7,the theme edit function /PluXml/core/admin/parametres_edittpl.php allows remote attackers to execute arbitrary PHP code by placing this code into a template.

pluxml/PluXml

A CMS to create lightweight websites with ease and without database.

GitHub

231