VYPR
High severity8.8NVD Advisory· Published Oct 17, 2018· Updated Jun 17, 2026

CVE-2018-18426

CVE-2018-18426

Description

s-cms 3.0 allows remote attackers to execute arbitrary PHP code by placing this code in a crafted User-agent Disallow value in the robots.php txt parameter.

Affected products

1

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.