CVE-2023-36994

Name of the Vulnerable Software and Affected Versions TravianZ versions 8.3.3 through 8.3.4

Description The issue is related to Incorrect Access Control in the installation script, allowing an attacker to overwrite the server configuration and inject PHP code.

Recommendations For TravianZ versions 8.3.3 and 8.3.4, consider restricting access to the installation script until a patch is available. As a temporary workaround, avoid using the installation script in these versions to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.