Vulnerability Details CVE-2018-15601
apps/filemanager/handlers/upload/drop.php in Elefant CMS 2.0.3 performs a urldecode step too late in the "Cannot upload executable files" protection mechanism.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 61.9%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
Products affected by CVE-2018-15601
-
cpe:2.3:a:elefantcms:elefantcms:2.0.3