Coderpixel Security Vulnerabilities

cve

CVE-2018-18382

Advanced HRM 1.6 allows Remote Code Execution via PHP code in a .php file to the user/update-user-avatar URI, which can be accessed through an "Update Profile" "Change Picture" (aka user/edit-profile) action.

8.8CVSS

8.9AI Score

0.012EPSS

2018-10-16 07:29 AM