VYPR
High severity8.8NVD Advisory· Published Jul 9, 2018· Updated Jun 17, 2026

CVE-2018-1000619

CVE-2018-1000619

Description

Ovidentia version 8.4.3 and earlier contains a Unsanitized User Input vulnerability in utilit.php, bab_getAddonFilePathfromTg that can result in Authenticated Remote Code Execution. This attack appear to be exploitable via The attacker must have permission to upload addons.

Affected products

2
  • Ovidentia/Ovidentiainferred2 versions
    <=8.4.3+ 1 more
    • (no CPE)range: <=8.4.3
    • (no CPE)range: <=8.4.3

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.