Critical severity9.8NVD Advisory· Published Nov 1, 2018· Updated Jun 17, 2026
CVE-2018-18892
CVE-2018-18892
Description
MiniCMS 1.10 allows execution of arbitrary PHP code via the install.php sitename parameter, which affects the site_name field in mc_conf.php.
Affected products
2Patches
Vulnerability mechanics
References
2- github.com/AvaterXXX/MiniCms/blob/master/Command%20Execution.mdnvdExploitThird Party Advisory
- www.patec.cn/newsshow.phpnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.