CVE-2018-17553

Published
View on NVD ↗
CVSS v3
N/A
CVSS v2
6.5
MEDIUM
Affected
2
PROJECTS

Description

An "Unrestricted Upload of File with Dangerous Type" issue with directory traversal in navigate_upload.php in Naviwebs Navigate CMS 2.8 allows authenticated attackers to achieve remote code execution via a POST request with engine=picnik and id=../../../navigate_info.php.

rapid7/metasploit-framework
rapid7/metasploit-framework
Metasploit Framework
GitHubGitHub
38.4K
NavigateCMS/Navigate-CMS
NavigateCMS/Navigate-CMS
Navigate CMS, a very powerful open source content management system for everybody.
GitHubGitHub
8