3 matches found
CVE-2018-16975
An issue was discovered in Elefant CMS before 2.0.7. There is a PHP Code Execution Vulnerability in /designer/add/stylesheet.php by using a .php extension in the New Stylesheet Name field in conjunction with ?php content, because of insufficient input validation in...
CVE-2018-16975
An issue was discovered in Elefant CMS before 2.0.7. There is a PHP Code Execution Vulnerability in /designer/add/stylesheet.php by using a .php extension in the New Stylesheet Name field in conjunction with ?php content, because of insufficient input validation in...
CVE-2018-16975
Elefant CMS prior to 2.0.7 contains a PHP code execution vulnerability in /designer/add/stylesheet.php. Insufficient input validation in apps/designer/handlers/csspreview.php allows a .php extension in the New Stylesheet Name field when combined with