Public CVE-2023-25136 disclosure

An issue discovered in phpwcms 1.9.25 allows remote attackers to run arbitrary code via DB user field during installation.