Pu10

Name of the Vulnerable Software and Affected Versions: Hoosk version 1.7.1 Description: The issue allows a remote attacker to execute arbitrary code via a crafted script to the `config.php` component. Recommendations: For Hoosk version 1.7.1, consider disabling access to the `config.php` component until a patch is available. Restricting the execution of crafted scripts can also help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.