Remote PHP Code Execution in FineCMS through 2017-07-07 via route=template Request

Remote PHP Code Execution in FineCMS through 2017-07-07 via route=template Request

CVE-2017-10968 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

In FineCMS through 2017-07-07, application\core\controller\template.php allows remote PHP code execution by placing the code after "<?php" in a route=template request.

Learn more about our Cms Pen Testing.