Lucene search
K

5 matches found

OpenVAS
OpenVAS
added 2018/09/14 12:0 a.m.52 views

e107 < 2.1.9 Multiple Vulnerabilities

e107 is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:e107:e107"; if description...

7.2CVSS6.8AI score0.02187EPSS
Exploits1References3
NVD
NVD
added 2018/09/12 4:29 p.m.19 views

CVE-2018-16388

e107web/js/plupload/upload.php in e107 2.1.8 allows remote attackers to execute arbitrary PHP code by uploading a .php filename with the image/jpeg content type...

7.2CVSS7.4AI score0.02187EPSS
Exploits1References2
OSV
OSV
added 2018/09/12 4:29 p.m.18 views

CVE-2018-16388

e107web/js/plupload/upload.php in e107 2.1.8 allows remote attackers to execute arbitrary PHP code by uploading a .php filename with the image/jpeg content type...

7.2CVSS7.8AI score
Exploits0References2
Cvelist
Cvelist
added 2018/09/12 4:0 p.m.24 views

CVE-2018-16388

e107web/js/plupload/upload.php in e107 2.1.8 allows remote attackers to execute arbitrary PHP code by uploading a .php filename with the image/jpeg content type...

7.3AI score0.02187EPSS
Exploits1References2
CVE
CVE
added 2018/09/12 4:0 p.m.44 views

CVE-2018-16388

CVE-2018-16388 affects e107 CMS, version 2.1.8. The issue is in e107_web/js/plupload/upload.php : a remote attacker can upload a file named with a .php extension but with an image/jpeg content type, leading to arbitrary PHP code execution . The CVSS metrics in the documents indicate a high impact...

7.2CVSS7.3AI score0.02187EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder