Arbitrary PHP Code Execution Vulnerability in GeniXCMS 1.1.4 Upload Modules Page

Arbitrary PHP Code Execution Vulnerability in GeniXCMS 1.1.4 Upload Modules Page

CVE-2017-14764 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

In the Upload Modules page in GeniXCMS 1.1.4, remote authenticated users can execute arbitrary PHP code via a .php file in a ZIP archive of a module.

Learn more about our Cms Pen Testing.