CVE-2021-40189

Published October 11th, 2021

View on NVD ↗

CVSS v3

7.2

HIGH

CVSS v2

6.5

MEDIUM

Affected

PROJECT

Description

PHPFusion 9.03.110 is affected by a remote code execution vulnerability. The theme function will extract a file to "webroot/themes/{Theme Folder], where an attacker can access and execute arbitrary code.

PHPFusion/PHPFusion

PHPFusion Official Development Repository

GitHub

117