#4762 - Critical Security Vulnerability in Composr CMS
0 guests and 0 members have recently viewed this.
Leader-board Top Weekly Earners
The top 3 point earners from 14th Dec 2025 to 21st Dec 2025.
| PDStig |
|
  |
|---|---|---|
| Gabri |
|
 |
| sholzy |
|
 |
Coming soon…
There are no events at this time
Statistics
| Forum statistics: | Birthdays: |
|---|
Some people may be naive and provide web hosting for a Composr site, without realizing they are effectively giving any administrator of that site control of their hosting.
This is not unique to Composr by any means. Web interface installation of PHP-based addons is a very common feature in CMS and forum software, and a necessary process for the audience Composr is targeted for. Composr goes further with a remote shell, but there's no escalation because the same could be achieved by uploading malicious addons.
Just document this in the installation tutorial to make sure it is understood by those who do their research.