Loading
Generated remediation guidance and an executive summary. No account required.
The CDetailView widget in Yii PHP Framework 1.1.14 allows remote attackers to execute arbitrary PHP scripts via vectors related to the value property.
Use CWE-94, Yiiframework vendor hub and Yiiframework product page to widen CVE-2014-4672 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2018-6009, CVE-2018-6010 and CVE-2015-3397 for nearby disclosures in the same product family.