Security Advisory

CVE-2024-58284

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-10 21:15:07

Last updated 2026-04-07 14:08:37

Assigner VulnCheck

State PUBLISHED

Description

PopojiCMS 2.0.1 contains an authenticated remote command execution vulnerability that allows administrative users to inject malicious PHP code through the metadata settings endpoint. Attackers can log in and modify the meta content to create a web shell that executes arbitrary system commands through a GET parameter.

← Browse all CVEs View on cve.org ↗