Vulnerabilities (CVE)

Filtered by vendor Lulucms Subscribe
Filtered by product Lulu Cms
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-18771 1 Lulucms 1 Lulu Cms 2024-02-28 5.0 MEDIUM 7.5 HIGH
An issue was discovered in LuLu CMS through 2015-05-14. backend\modules\filemanager\controllers\DefaultController.php allows arbitrary file upload by entering a filename, directory name, and PHP code into the three text input fields.