Command Injection in PHPMyWind v5.6 allows remote malicious users to execute arbitrary code via the "text color" field of the component '/admin/web_config.php'.
phpmywind phpmywind 5.6