Security Advisory

CVE-2018-11736

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2018-06-05 06:00:00

Last updated 2024-09-16 20:16:49

Assigner mitre

State PUBLISHED

Description

An issue was discovered in Pluck before 4.7.7-dev2. /data/inc/images.php allows remote attackers to upload and execute arbitrary PHP code by using the image/jpeg content type for a .htaccess file.

← Browse all CVEs View on cve.org ↗