PHPMyWind 5.6 is vulnerable to Remote Code Execution. Becase input is filtered without "<, >, ?, =, `,...." In WriteConfig() function, an attacker can inject php code to /include/config.cache.php file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
phpmywind phpmywind 5.6 |