CVE-2021-34164

Permissions vulnerability in LIZHIFAKA v.2.2.0 allows authenticated attacker to execute arbitrary commands via the set password function in the admin/index/email location. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt