CVE-2018-18888
EUVD-2018-1059901.11.2018, 01:29
An issue was discovered in laravelCMS through 2018-04-02. \app\Http\Controllers\Backend\ProfileController.php allows upload of arbitrary PHP files because the file extension is not properly checked and uploaded files are not properly renamed.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| laravelcms_project | laravelcms | 𝑥 ≤ 2018-04-02 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration