3 matches found
CVE-2018-17139
UltimatePOS 2.5 allows users to upload arbitrary files, which leads to remote command execution by posting to a /products URI with PHP code in a .php file with the image/jpeg content type...
UltimatePOS 2.5 Remote Code Execution
Exploit Title: UltimatePOS 2.5 - Remote Code Execution Google Dork: intext:"UltimatePOS" Date: 2018-08-22 Exploit Author: Renos Nikolaou Vendor Homepage: http://ultimatefosters.com/ Software Link: https://codecanyon.net/item/saas-superadmin-module-for-ultimatepos-advance/22394431 Version: 2.5...
UltimatePOS 2.5 - Remote Code Execution
Exploit Title: UltimatePOS 2.5 - Remote Code Execution Google Dork: intext:"UltimatePOS" Date: 2018-08-22 Exploit Author: Renos Nikolaou Vendor Homepage: http://ultimatefosters.com/ Software Link: https://codecanyon.net/item/saas-superadmin-module-for-ultimatepos-advance/22394431 Version: 2.5...