CVE-2019-11377

Published April 20th, 2019

View on NVD ↗

CVSS v3

N/A

CVSS v2

6.5

MEDIUM

Affected

PROJECT

Description

wcms/wex/finder/action.php in WCMS v0.3.2 has a Arbitrary File Upload Vulnerability via developer/finder because .php is a valid extension according to the fm_get_text_exts function.

vedees/wcms

🖖 Best CMS for landing-page

GitHub

256