CVE-2017-6070

Publication date

2017-02-21 07:46:00

Family

mitre

State

PUBLISHED

Description

CMS Made Simple version 1.x Form Builder before version 0.8.1.6 allows remote attackers to execute PHP code via the cntnt01fbrp_forma_form_template parameter in admin_store_form.