Arbitrary Code Execution Vulnerability in Webgalamb 7.0

Arbitrary Code Execution Vulnerability in Webgalamb 7.0

CVE-2018-19512 · HIGH Severity

AV:N/AC:L/AU:S/C:C/I:C/A:C

In Webgalamb through 7.0, a system/ajax.php "wgmfile restore" directory traversal vulnerability could lead to arbitrary code execution by authenticated administrator users, because PHP files are restored under the document root directory.

Learn more about our Web App Pen Testing.