2 matches found
CVE-2018-16975
Elefant CMS prior to 2.0.7 contains a PHP code execution vulnerability in /designer/add/stylesheet.php. Insufficient input validation in apps/designer/handlers/csspreview.php allows a .php extension in the New Stylesheet Name field when combined with
CVE-2018-16974
CVE-2018-16974 affects Elefant CMS