Arbitrary Code Execution Vulnerability in Webgalamb 7.0
CVE-2018-19512 · HIGH Severity
AV:N/AC:L/AU:S/C:C/I:C/A:C
In Webgalamb through 7.0, a system/ajax.php "wgmfile restore" directory traversal vulnerability could lead to arbitrary code execution by authenticated administrator users, because PHP files are restored under the document root directory.
Learn more about our Web App Pen Testing.