Multiple vulnerabilities have been identified in Crea-CMS, which could be exploited by attackers to execute arbitrary commands. These issues are caused by input validation errors in the "_administration/securite.php" and "_administration/gestion_configurations/save_config.php" scripts when processing the "cfg[document_uri]" parameter, which could be exploited by remote attackers to include malicious scripts and execute arbitrary commands with the privileges of the web server.
