upload_template() in system/changeskin.php in DocCms 2016.5.12 allows remote attackers to execute arbitrary PHP code via a template file.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
http://www.iwantacve.cn/index.php/archives/65/ |
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2018-10-30T06:00:00
Updated: 2024-08-05T11:23:08.185Z
Reserved: 2018-10-29T00:00:00
Link: CVE-2018-18835
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2018-10-30T06:29:01.343
Modified: 2018-12-06T16:15:51.437
Link: CVE-2018-18835
Redhat
No data.