CVE-2024-58284

Dec 24, 2025
Updated Dec 24, 2025 CVE Database CVE-2024-58284 vulnerability security

CVE-2024-58284

PopojiCMS 2.0.1 contains an authenticated remote command execution vulnerability that allows administrative users to inject malicious PHP code through the metadata settings endpoint. Attackers can log in and modify the meta content to create a web shell that executes arbitrary system commands through a GET parameter.

Scan your website for free

No signup needed. Get results in under 60 seconds.

Run Free Scan →

Scan for these vulnerabilities

Secably automatically detects the issues discussed in this article.

Start Free Scan