2 matches found
CVE-2018-19457
Logicspice FAQ Script 2.9.7 allows uploading arbitrary files, which leads to remote command execution via admin/faqs/faqimages with a .php file...
CVE-2018-19457
CVE-2018-19457 affects Logicspice FAQ Script 2.9.7, where an attacker can upload arbitrary files to admin/faqs/faqimages and achieve remote command execution via a crafted .php file. Public references (e.g., Exploit-DB) indicate exploit availability. NVD metrics show CVSSv2 6.5 (MEDIUM) and CVSSv...