CVE-2018-18888

Summary: 
An issue was discovered in laravelCMS through 2018-04-02. \app\Http\Controllers\Backend\ProfileController.php allows upload of arbitrary PHP files because the file extension is not properly checked and uploaded files are not properly renamed.
Published: 
Wednesday, October 31, 2018 - 21:29
cvss: