OS Command Injection in export.php (vulnerable function called from include/functions-article.php) in Chadha PHPKB Standard Multi-Language 9 allows remote malicious users to achieve Code Execution by saving the code to be executed as the wkhtmltopdf path via admin/save-settings.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
chadhaajay phpkb 9.0 |