High severity7.5NVD Advisory· Published Oct 18, 2018· Updated Jun 17, 2026
CVE-2018-18487
CVE-2018-18487
Description
In \lib\admin\action\dataaction.class.php in Gxlcms v2.0, the database backup filename generation uses mt_rand() unsafely, resulting in predictable database backup file locations.
Affected products
2Patches
Vulnerability mechanics
References
1- sunu11.com/2018/10/18/glxcms/nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.