2 matches found
CVE-2018-18752
Webiness Inventory 2.3 suffers from an Arbitrary File upload vulnerability via PHP code in the protected/library/ajax/WsSaveToModel.php logo parameter...
CVE-2018-18752
Webiness Inventory 2.3 is affected by an Arbitrary File Upload vulnerability in the protected/library/ajax/WsSaveToModel.php logo parameter. The root cause is insecure handling of the logo input that allows uploading arbitrary files, enabling potential remote code execution or file inclusion depe...