Critical severity9.8NVD Advisory· Published Oct 11, 2018· Updated Jun 17, 2026
CVE-2018-18258
CVE-2018-18258
Description
An issue was discovered in BageCMS 3.1.3. The attacker can execute arbitrary PHP code on the web server and can read any file on the web server via an index.php?r=admini/template/updateTpl&filename= URI.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
2- github.com/rakjong/vuln/blob/master/Bagecms_vuln_1.pdfnvdExploitThird Party Advisory
- kc.mcafee.com/corporate/indexnvd
News mentions
0No linked articles in our index yet.