Hisiphp: >> Hisiphp >> 2.0.11 Security Vulnerabilities
An issue in hisiphp v2.0.111 allows a remote attacker to execute arbitrary code via a crafted script to the SystemPlugins::mkInfo parameter in the SystemPlugins.php component.
CVSS Score
9.8
EPSS Score
0.055
Published
2024-04-29
An Access Control vulnerability exists in HisiPHP 2.0.11 via special packets that are constructed in $files = Dir::getList($decompath. '/ Upload/Plugins /, which could let a remote malicious user execute arbitrary code.
CVSS Score
7.2
EPSS Score
0.008
Published
2022-04-04