CVE-2018-16352

Published September 2nd, 2018

View on NVD ↗

CVSS v3

N/A

CVSS v2

7.5

HIGH

Affected

PROJECT

Description

There is a PHP code upload vulnerability in WeaselCMS 0.3.6 via index.php because code can be embedded at the end of a .png file when the image/png content type is used.

alterebro/WeaselCMS

Lightweight flat file CMS written in PHP

GitHub