2 matches found
CVE-2018-16238
An issue was discovered in damiCMS V6.0.1. Remote code execution can occur via PHP code in a multipart/form-data POST to the admin.php?s=/Tpl/Update.html URI. For example, this can update the Web/Tpl/default/head.html file...
CVE-2018-16238
The vulnerability CVE-2018-16238 affects damiCMS v6.0.1. A remote attacker can achieve remote code execution by sending PHP code in a multipart/form-data POST to the admin.php?s=/Tpl/Update.html URI, which can modify files such as Web/Tpl/default/head.html. The cited sources (NVD/CNVD and related...