Security Advisory

CVE-2018-18888

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2018-11-01 01:00:00

Last updated 2024-09-16 16:58:59

Assigner mitre

State PUBLISHED

Description

An issue was discovered in laravelCMS through 2018-04-02. appHttpControllersBackendProfileController.php allows upload of arbitrary PHP files because the file extension is not properly checked and uploaded files are not properly renamed.

← Browse all CVEs View on cve.org ↗