Security Advisory

CVE-2018-19514

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-03-17 22:06:16

Last updated 2024-08-05 11:37:11

Assigner mitre

State PUBLISHED

Description

In Webgalamb through 7.0, an arbitrary code execution vulnerability could be exploited remotely without authentication. Exploitation requires authentication bypass to access administrative functions of the site to upload a crafted CSV file with a malicious payload that becomes part of a PHP eval() expression in the subscriber.php file.

← Browse all CVEs View on cve.org ↗