bludit version 3.0.0 contains a Unrestricted Upload of File with Dangerous Type vulnerability in Content Upload in Pages Editor that can result in Remote Command Execution. This attack appear to be exploitable via malicious user have to upload a crafted payload containing PHP code.
References
Link | Resource |
---|---|
https://github.com/bludit/bludit/issues/812 | Exploit Third Party Advisory |
https://www.exploit-db.com/exploits/46060/ | Third Party Advisory VDB Entry |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2018-12-20T15:00:00
Updated: 2018-12-27T10:57:01
Reserved: 2018-10-04T00:00:00
Link: CVE-2018-1000811
JSON object: View
NVD Information
Status : Analyzed
Published: 2018-12-20T15:29:00.297
Modified: 2019-01-07T19:04:51.567
Link: CVE-2018-1000811
JSON object: View
Redhat Information
No data.
CWE