An issue was discovered in Elefant CMS before 2.0.7. There is a PHP Code Execution Vulnerability in /designer/add/stylesheet.php by using a .php extension in the New Stylesheet Name field in conjunction with <?php content, because of insufficient input validation in apps/designer/handlers/csspreview.php.
Metrics
Affected Vendors & Products
References
History
No history.

Status: PUBLISHED
Assigner: mitre
Published: 2018-09-12T21:00:00
Updated: 2024-08-05T10:39:58.969Z
Reserved: 2018-09-12T00:00:00
Link: CVE-2018-16975

No data.

Status : Modified
Published: 2018-09-12T21:29:00.863
Modified: 2024-11-21T03:53:37.667
Link: CVE-2018-16975

No data.