EPSS
Percentile
76.7%
PHPMyWind 5.6 is vulnerable to Remote Code Execution. Becase input is filtered without “<, >, ?, =, `,…” In WriteConfig() function, an attacker can inject php code to /include/config.cache.php file.
github.com/gaozhifeng/PHPMyWind/issues/15
github.com/KietNA-HPT/CVE