CVE-2024-25415

A remote code execution (RCE) vulnerability in /admin/define_language.php of CE Phoenix v1.0.8.20 allows attackers to execute arbitrary PHP code via injecting a crafted payload into the file english.php. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt