High severity8.8NVD Advisory· Published Sep 27, 2017· Updated May 13, 2026
CVE-2017-14764
CVE-2017-14764
Description
In the Upload Modules page in GeniXCMS 1.1.4, remote authenticated users can execute arbitrary PHP code via a .php file in a ZIP archive of a module.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4- ph0rse.me/2017/09/21/GeniXCMS-1-1-4%E6%9C%80%E6%96%B0%E7%89%88%E6%9C%AC-getshell/nvdExploitThird Party Advisory
- github.com/advisories/GHSA-5cmg-8m8p-whmjghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2017-14764ghsaADVISORY
- ph0rse.me/2017/09/21/GeniXCMS-1-1-4%E6%9C%80%E6%96%B0%E7%89%88%E6%9C%AC-getshellghsaWEB
News mentions
0No linked articles in our index yet.