Tag
Vvveb CMS v1.0.8 is vulnerable to remote code execution due to a missing return statement in the file rename handler, allowing authenticated attackers to bypass extension restrictions and execute arbitrary code by manipulating .htaccess and .php files.