Arbitrary File Upload and Remote Code Execution in PHP Scripts Mall Schools Alert Management Script

Arbitrary File Upload and Remote Code Execution in PHP Scripts Mall Schools Alert Management Script

CVE-2018-12051 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Arbitrary File Upload and Remote Code Execution exist in PHP Scripts Mall Schools Alert Management Script via $_FILE in /webmasterst/general.php, as demonstrated by a .php file with the image/jpeg content type.

Learn more about our Web App Pen Testing.