CVE-2020-18886

Name of the Vulnerable Software and Affected Versions: PHPMyWind version 5.6

Description: The issue allows remote attackers to execute arbitrary code. This is achieved via the component 'admin/upload file do.php', which is vulnerable to unrestricted file upload.

Recommendations: For PHPMyWind version 5.6, consider disabling the 'admin/upload file do.php' component until a patch is available to prevent remote attackers from executing arbitrary code. Restrict access to this component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.