VYPR
Critical severity9.8NVD Advisory· Published Sep 21, 2019· Updated Jun 17, 2026

CVE-2019-16656

CVE-2019-16656

Description

joyplus-cms 1.6.0 allows remote attackers to execute arbitrary PHP code via /install by placing the code in the name of an object in the database.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.