Critical severity9.8NVD Advisory· Published May 30, 2026· Updated Jun 3, 2026
CVE-2018-25412
CVE-2018-25412
Description
Delta Sql 1.8.2 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious files by sending POST requests to docs_upload.php with crafted multipart form data. Attackers can upload PHP files with arbitrary content to the upload directory and execute them on the server for remote code execution.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- cpe:2.3:a:deltasql_project:deltasql:1.8.2:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
5- www.exploit-db.com/exploits/45685nvdExploitThird Party Advisory
- www.vulncheck.com/advisories/delta-sql-arbitrary-file-upload-via-docs-upload-phpnvdThird Party Advisory
- deltasql.sourceforge.netnvdProduct
- deltasql.sourceforge.net/deltasql/nvdProduct
- sourceforge.net/projects/deltasql/files/latest/downloadnvdProduct
News mentions
0No linked articles in our index yet.