CVE-2024-58284

Dec 24, 2025 Updated Dec 24, 2025 CVE Database

CVE-2024-58284 vulnerability security

CVE-2024-58284

PopojiCMS 2.0.1 contains an authenticated remote command execution vulnerability that allows administrative users to inject malicious PHP code through the metadata settings endpoint. Attackers can log in and modify the meta content to create a web shell that executes arbitrary system commands through a GET parameter.

Scan Your Attack Surface for These Issues

Secably automatically detects the vulnerabilities discussed in this article across your domains, subdomains, and infrastructure.

Start Free — No Credit Card

Related Articles

Technical analysis of CVE-2025-65950 (HIGH, 8.8) affecting WBCE CMS. Learn about affected …

Detailed technical analysis of CVE-2024-58279 (HIGH, 8.8) affecting appRain CMF 4.0.5. Learn …

Technical analysis of CVE-2024-58281 (HIGH, 8.8). Learn about affected systems, exploitation details, …

Detailed technical analysis of CVE-2024-58282 (HIGH, 7.2) affecting Serendipity 2.5.0. Learn about …

Detailed technical analysis of CVE-2024-58283 (HIGH, 8.8), a remote code execution vulnerability …

All CVE Database

Categories

All Categories CVE Database

support_agent

Secably Support

Usually replies within minutes

Hi there!

Send us a message and we'll reply ASAP.