CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-19692

An issue was discovered in tp5cms through 2017-05-25. admin.php/upload/picture.html allows remote attackers to execute arbitrary PHP code by uploading a .php file with the image/jpeg content type.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.008

EPSS Ranking 73.8%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

https://github.com/fmsdwifull/tp5cms/issues/5
https://github.com/fmsdwifull/tp5cms/issues/5

Products affected by CVE-2018-19692

Tp5cms Project » Tp5cms » Version: 2017-03-15

cpe:2.3:a:tp5cms_project:tp5cms:2017-03-15
Tp5cms Project » Tp5cms » Version: 2017-05-25

cpe:2.3:a:tp5cms_project:tp5cms:2017-05-25

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-19692

Products

Pricing

Contact Us