plugins/wacko/highlight/html.php in Strawberry in CuteNews.ru 1.1.1 (aka Strawberry) allows remote malicious users to execute arbitrary PHP code via the text parameter, which is inserted into an executable regular expression.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cutephp cutenews 1.1.1 |