2 matches found
CVE-2018-18487
In \lib\admin\action\dataaction.class.php in Gxlcms v2.0, the database backup filename generation uses mtrand unsafely, resulting in predictable database backup file locations...
CVE-2018-18487
The CVE-2018-18487 entry affects Gxlcms v2.0, specifically the database backup filename generation in \lib\admin\action\dataaction.class.php. The vulnerability stems from using mt_rand() in filename creation, causing predictable backup file locations. The documents do not provide exploit details,...