Critical severity9.8OSV Advisory· Published Sep 3, 2018· Updated Jun 17, 2026
CVE-2018-16370
CVE-2018-16370
Description
In PESCMS Team 2.2.1, attackers may upload and execute arbitrary PHP code through /Public/?g=Team&m=Setting&a=upgrade by placing a .php file in a ZIP archive.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: 1.0.3, 2.0.0, 2.0.1, …
Patches
Vulnerability mechanics
References
1- github.com/lazyphp/PESCMS-TEAM/issues/2nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.