CVE-2018-11392
The CVE-2018-11392 vulnerability affects Jigowatt “PHP Login & User Management” (Envato Market) via /classes/profile.class.php. Versions before 4.1.1 allow any remote authenticated user to upload a .php file through the profile avatar field, resulting in arbitrary code execution when the uploaded...