CVE-2024-26521

Published
View on NVD ↗
CVSS v3
4.8
MEDIUM
CVSS v2
N/A
Affected
2
PROJECTS

Description

HTML Injection vulnerability in CE Phoenix v1.0.8.20 and before allows a remote attacker to execute arbitrary code, escalate privileges, and obtain sensitive information via a crafted payload to the english.php component.

capture0x/Phoenix
capture0x/Phoenix
CE Phoenix v1.0.8.20 - Remote Code Execution (RCE) (Authenticated)
GitHubGitHub
2
hackervegas001/CVE-2024-26521
hackervegas001/CVE-2024-26521
Html Injection vulnearbility in CE-Phoenix-v1.0.8.20 where malicious HTML code is inserted into a website. This can lead to a variety of issues, from minor website defacement to serious data breaches.
GitHubGitHub
2