High severity8.8OSV Advisory· Published Apr 20, 2019· Updated Jun 17, 2026
CVE-2019-11377
CVE-2019-11377
Description
wcms/wex/finder/action.php in WCMS v0.3.2 has a Arbitrary File Upload Vulnerability via developer/finder because .php is a valid extension according to the fm_get_text_exts function.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
2- www.iwantacve.cn/index.php/archives/208/nvdExploitThird Party Advisory
- github.com/vedees/wcms/issues/2nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.