Lucene search

K
cvelistMitreCVELIST:CVE-2018-14857
HistoryAug 06, 2018 - 9:00 p.m.

CVE-2018-14857

2018-08-0621:00:00
mitre
www.cve.org
2

8.9 High

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

81.1%

Unrestricted file upload (with remote code execution) in require/mail/NotificationMail.php in Webconsole in OCS Inventory NG OCS Inventory Server through 2.5 allows a privileged user to gain access to the server via a template file containing PHP code, because file extensions other than .html are permitted.

8.9 High

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

81.1%