CVE-2024-58284

Published Dec 24, 2025 | Updated Dec 24, 2025

CVE-2024-58284 vulnerability security

CVE-2024-58284

PopojiCMS 2.0.1 contains an authenticated remote command execution vulnerability that allows administrative users to inject malicious PHP code through the metadata settings endpoint. Attackers can log in and modify the meta content to create a web shell that executes arbitrary system commands through a GET parameter.

Scan Your Website for Vulnerabilities

Discover security issues before attackers do. Our AI-powered scanner checks for the vulnerabilities discussed in this guide and more.

Start Free Scan