CVE-2020-22937

Name of the Vulnerable Software and Affected Versions EmpireCMS version 7.5

Description A remote code execution issue in the e/install/index.php file allows attackers to execute arbitrary PHP code by writing malicious code to the install file. This enables attackers to potentially gain control over the system.

Recommendations For EmpireCMS version 7.5, consider removing or restricting access to the e/install/index.php file until a patch is available. As a temporary workaround, restrict write access to the install file to prevent malicious code from being written.