Vulnerabilities (CVE)

Filtered by vendor China-on-site Subscribe
Filtered by product Flexcustomer0.0.6
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-6761 1 China-on-site 1 Flexcustomer0.0.6 2024-11-21 10.0 HIGH N/A
Static code injection vulnerability in admin/install.php in Flexcustomer 0.0.6 might allow remote attackers to inject arbitrary PHP code into const.inc.php via the installdbname parameter (aka the Database Name field). NOTE: the installation instructions specify deleting admin/install.php.