CVE-2018-20012

Name of the Vulnerable Software and Affected Versions PHPCMF version 4.1.3

Description The issue is related to a security problem where an attacker can inject malicious code. The problem occurs via the first input field to the "index.php?s=member&c=register&m=index" URI, allowing for malicious code injection.

Recommendations For PHPCMF version 4.1.3, consider validating and sanitizing user input to the first field in the "index.php?s=member&c=register&m=index" URI to prevent code injection. As a temporary workaround, restrict access to the register function until a proper fix is applied.