2017-07-12 13:00:00
mitre
PUBLISHED
FineCMS 2.1.0 allows remote attackers to execute arbitrary PHP code by using a URL Manager "Add Site" action to enter this code after a , sequence in a domain name, as demonstrated by the ,phpinfo() input value.