CVE-2021-36424

Description

An issue discovered in phpwcms 1.9.25 allows remote attackers to run arbitrary code via DB user field during installation.