CVE-2024-48138 Information

Description

A remote code execution (RCE) vulnerability in the component /PluXml/core/admin/parametres_edittpl.php of PluXml v5.8.16 and lower allows attackers to execute arbitrary code via injecting a crafted payload into a template.

Reference

https://github.com/pluxml/PluXml/issues/829