Critical severity9.8NVD Advisory· Published Apr 8, 2024· Updated Jun 17, 2026
CVE-2024-31022
CVE-2024-31022
Description
An issue was discovered in CandyCMS version 1.0.0, allows remote attackers to execute arbitrary code via the install.php component.
Affected products
2- CandyCMS/CandyCMSdescription
Patches
Vulnerability mechanics
References
1- www.xuxblog.top/2024/03/25/CandyCMS-Pre-Auth-RCE/nvdBroken Link
News mentions
0No linked articles in our index yet.