Headline
CVE-2021-43478: install bug · Issue #1 · kr0za/bugs
A vulnerability exists in Hoosk 1.8.0 in /install/index.php, due to a failure to check if config.php already exists in the root directory, which could let a malicious user reinstall the website.
In /install/index.php, it is not checked whether config.php already exists in the website root directory. The install directory is not automatically deleted after the system installation. When you visit /install again, reinstall the website again.
Installation succeeded
The install directory is not automatically deleted after the system is installed,visit /install again
The website was reinstalled