CVE-2018-17132

CVE-2018-17132

admin/goods_update.php in PHPMyWind 5.5 allows Admin users to execute arbitrary code via the attrvalue[] array parameter.

Source: CVE-2018-17132