2 matches found
CVE-2018-12914
A remote code execution issue was discovered in PublicCMS V4.0.20180210. An attacker can upload a ZIP archive that contains a .jsp file with a directory traversal pathname. After an unzip operation, the attacker can execute arbitrary code by visiting a .jsp URI...
CVE-2018-12914
CVE-2018-12914 affects PublicCMS V4.0.20180210. The vulnerability allows remote code execution by an attacker who uploads a ZIP archive containing a JSP file with a directory traversal path; after unzip, arbitrary code can be executed when the JSP URI is visited. NVD reports CVSS v3.0 base score ...