Filtered by vendor Ultimatefosters
Subscribe
Total
1 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-17139 | 1 Ultimatefosters | 1 Ultimatepos | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
UltimatePOS 2.5 allows users to upload arbitrary files, which leads to remote command execution by posting to a /products URI with PHP code in a .php file with the image/jpeg content type. |