Security Advisory

CVE-2018-18771

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2018-10-29 02:00:00

Last updated 2024-09-17 01:16:36

Assigner mitre

State PUBLISHED

Description

An issue was discovered in LuLu CMS through 2015-05-14. backendmodulesfilemanagercontrollersDefaultController.php allows arbitrary file upload by entering a filename, directory name, and PHP code into the three text input fields.

← Browse all CVEs View on cve.org ↗