In PluxXml V5.7,the theme edit function /PluXml/core/admin/parametres_edittpl.php allows remote attackers to execute arbitrary PHP code by placing this code into a template.
Affected Software
Name |
Vendor |
Start Version |
End Version |
Pluxxml |
Pluxxml |
5.7 (including) |
5.7 (including) |
References