CVE-2023-5221

Name of the Vulnerable Software and Affected Versions ForU CMS (affected versions not specified)

Description A critical vulnerability has been found in ForU CMS, affecting an unknown part of the file /install/index.php. The manipulation of the db name argument leads to code injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting access to the /install/index.php file to minimize the risk of exploitation. Avoid using the db name argument in the affected file until the issue is resolved.