RSS   Vulnerabilities for 'Laravelcms'   RSS

2018-10-31
 
CVE-2018-18888

CWE-434
 

 
An issue was discovered in laravelCMS through 2018-04-02. \app\Http\Controllers\Backend\ProfileController.php allows upload of arbitrary PHP files because the file extension is not properly checked and uploaded files are not properly renamed.

 


Copyright 2024, cxsecurity.com

 

Back to Top