2018-04-07 21:00:00
mitre
PUBLISHED
In Gxlcms QY v1.0.0713, the update function in LibLibActionAdminTplAction.class.php allows remote attackers to execute arbitrary PHP code by placing this code into a template.