CVE-2018-18381
Published
CVSS v3
5.4
MEDIUM
CVSS v2
3.5
LOW
Affected
1
PROJECT
Description
Z-BlogPHP 1.5.2.1935 (Zero) has a stored XSS Vulnerability in zb_system/function/c_system_admin.php via the Content-Type header during the uploading of image attachments.
GitHub