Vulnerabilities

CVE-2018-19512

by Fred · 17/03/2019

In Webgalamb through 7.0, a system/ajax.php "wgmfile restore" directory traversal vulnerability could lead to arbitrary code execution by authenticated administrator users, because PHP files are restored under the document root directory.

Date published : 2019-03-17

http://packetstormsecurity.com/files/151017/Webgalamb-Information-Disclosure-XSS-CSRF-SQL-Injection.html

http://seclists.org/fulldisclosure/2019/Jan/15

Similar

Tags: Cybersecurity Alert