4 matches found
CVE-2018-18869
EmpireCMS V7.5 allows remote attackers to upload and execute arbitrary code via ..%2F directory traversal in a .php filename in the upload/e/admin/ecmscom.php path parameter...
CVE-2018-18869
EmpireCMS V7.5 allows remote attackers to upload and execute arbitrary code via ..%2F directory traversal in a .php filename in the upload/e/admin/ecmscom.php path parameter...
CVE-2018-18869
EmpireCMS 7.5 is affected by CVE-2018-18869. The issue is a directory-traversal in the upload/e/admin/ecmscom.php path that, via a ..%2F in a .php filename, allows remote attackers to upload and execute arbitrary code. CVSS metrics indicate high to critical risk (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A...
CVE-2018-18869
EmpireCMS V7.5 allows remote attackers to upload and execute arbitrary code via ..%2F directory traversal in a .php filename in the upload/e/admin/ecmscom.php path parameter...