Vulnerability Details CVE-2021-39503
PHPMyWind 5.6 is vulnerable to Remote Code Execution. Becase input is filtered without "<, >, ?, =, `,...." In WriteConfig() function, an attacker can inject php code to /include/config.cache.php file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.033
EPSS Ranking 86.6%
CVSS Severity
CVSS v3 Score 7.2
CVSS v2 Score 6.5
References