CVE-2018-20166

A file-upload vulnerability exists in Rukovoditel 2.3.1. index.php?module=configuration/save allows the user to upload a background image, and mishandles extension checking. It accepts uploads of PHP content if the first few characters match GIF data, and the filename ends in ".php" with mixed case, such as the .pHp extension.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.8 HIGH
NETWORK
LOW
LOW
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 86%
VendorProductVersion
rukovoditelrukovoditel
2.3.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://pentest.com.tr/exploits/Rukovoditel-Project-Management-CRM-2-3-1-Authenticated-Remote-Code-Execution.html
https://www.exploit-db.com/exploits/46011
https://pentest.com.tr/exploits/Rukovoditel-Project-Management-CRM-2-3-1-Authenticated-Remote-Code-Execution.html
https://www.exploit-db.com/exploits/46011