Security Advisory

CVE-2019-17536

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-10-13 17:52:39

Last updated 2024-08-05 01:40:15

Assigner mitre

State PUBLISHED

Description

Gila CMS through 1.11.4 allows Unrestricted Upload of a File with a Dangerous Type via the moveAction function in core/controllers/fm.php. The attacker needs to use admin/media_upload and fm/move.

← Browse all CVEs View on cve.org ↗