2018-09-17 04:00:00
mitre
PUBLISHED
admin/goods_update.php in PHPMyWind 5.5 allows Admin users to execute arbitrary code via the attrvalue[] array parameter.