Critical severity9.8OSV Advisory· Published Oct 29, 2018· Updated Jun 17, 2026
CVE-2018-18752
CVE-2018-18752
Description
Webiness Inventory 2.3 suffers from an Arbitrary File upload vulnerability via PHP code in the protected/library/ajax/WsSaveToModel.php logo parameter.
Affected products
2- Range: 2.0, 2.1, 2.2, …
Patches
Vulnerability mechanics
References
1- packetstormsecurity.com/files/149982/Webiness-Inventory-2.9-Shell-Upload.htmlnvdExploitThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.