CVE-2018-19196

An issue was discovered in XiaoCms 20141229. It allows remote attackers to execute arbitrary code by using the type parameter to bypass the standard admin\controller\uploadfile.php restrictions on uploaded file types (jpg, jpeg, bmp, png, gif), as demonstrated by an admin/index.php?c=uploadfile&a=uploadify_upload&type=php URI.
Code Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 68%
Common Weakness Enumeration
References
https://github.com/AvaterXXX/XiaoCms/blob/master/GETSHELL.md
https://www.patec.cn/newsshow.php?cid=24&id=136
https://github.com/AvaterXXX/XiaoCms/blob/master/GETSHELL.md
https://www.patec.cn/newsshow.php?cid=24&id=136