CVE-2019-12548

2019-06-0321:29:00

Google

osv.dev

7.7 High

AI Score

Confidence

High

0.01 Low

EPSS

Percentile

83.4%

JSON

Bludit before 3.9.0 allows remote code execution for an authenticated user by uploading a php file while changing the logo through /admin/ajax/upload-logo.

CPENameOperatorVersion
bluditeq0.6.2
bluditeq0.5
bluditeq2.0-beta4
bluditeq2.0.2
bluditeq1.0-beta1
bluditeq3.0.0-alpha-2
bluditeq3.3.0
bluditeq1.5-beta2
bluditeq2.0-alpha1
bluditeq2.3.1

Name	Operator	Version
bludit	eq	0.6.2
bludit	eq	0.5
bludit	eq	2.0-beta4
bludit	eq	2.0.2
bludit	eq	1.0-beta1
bludit	eq	3.0.0-alpha-2
bludit	eq	3.3.0
bludit	eq	1.5-beta2
bludit	eq	2.0-alpha1
bludit	eq	2.3.1