2017-06-21 07:00:00
mitre
PUBLISHED
installsave.php in WebsiteBaker v2.10.0 allows remote attackers to execute arbitrary PHP code via the database_username, database_host, or database_password parameter.