Remote PHP Code Execution in DuomiCMS 3.0 via search.php searchword Parameter

Remote PHP Code Execution in DuomiCMS 3.0 via search.php searchword Parameter

CVE-2018-18083 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

An issue was discovered in DuomiCMS 3.0. Remote PHP code execution is possible via the search.php searchword parameter because "eval" is used during "if" processing.

Learn more about our Cms Pen Testing.