CVE-2019-12150
Karamasoft UltimateEditor 1 is affected by CVE-2019-12150 due to improper validation of uploaded files: the system does not restrict file types or extensions, allowing an attacker to upload arbitrary files via the Attach icon. The uploaded file is stored under UltimateEditorInclude/UserFiles/ and...