admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Synchronized data.

Browse Source
This commit is contained in:
CVE Team 2018-01-30 00:02:17 -05:00
parent 186373bcf5
commit 70c775b84f
No known key found for this signature in database
GPG Key ID: 3504EC0FB4B2FE56
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
2018/6xxx/CVE-2018-6383.json
View File

@ -34,7 +34,7 @@
"description_data" : [
{
"lang" : "eng",
"value" : "Monstra CMS through 3.0.4 has an incomplete \"forbidden types\" list that excludes .php (and similar) file extensions but not the .pht or .phar extension, which allows remote authenticated admins to execute arbitrary PHP code by uploading a file, a different vulnerability than CVE-2017-18048."
"value" : "Monstra CMS through 3.0.4 has an incomplete \"forbidden types\" list that excludes .php (and similar) file extensions but not the .pht or .phar extension, which allows remote authenticated Admins or Editors to execute arbitrary PHP code by uploading a file, a different vulnerability than CVE-2017-18048."
}
]
},