CVE-2019-13472

Name of the Vulnerable Software and Affected Versions PHPWind version 9.1.0

Description The issue concerns a security problem where an attacker can inject malicious scripts into the c and m parameters of the index.php file, potentially leading to unauthorized actions on the affected system.

Recommendations For PHPWind version 9.1.0, as a temporary workaround, consider restricting access to the vulnerable parameters c and m in the index.php file until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.