5 matches found
e107 < 2.1.9 Multiple Vulnerabilities
e107 is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:e107:e107"; if description...
CVE-2018-16388
e107web/js/plupload/upload.php in e107 2.1.8 allows remote attackers to execute arbitrary PHP code by uploading a .php filename with the image/jpeg content type...
CVE-2018-16388
e107web/js/plupload/upload.php in e107 2.1.8 allows remote attackers to execute arbitrary PHP code by uploading a .php filename with the image/jpeg content type...
CVE-2018-16388
e107web/js/plupload/upload.php in e107 2.1.8 allows remote attackers to execute arbitrary PHP code by uploading a .php filename with the image/jpeg content type...
CVE-2018-16388
CVE-2018-16388 affects e107 CMS, version 2.1.8. The issue is in e107_web/js/plupload/upload.php : a remote attacker can upload a file named with a .php extension but with an image/jpeg content type, leading to arbitrary PHP code execution . The CVSS metrics in the documents indicate a high impact...