Vulnerabilities > Coderpixel

DATE	CVE	VULNERABILITY TITLE	RISK
2018-10-16	CVE-2018-18382	Unrestricted Upload of File with Dangerous Type vulnerability in Coderpixel Advanced HRM 1.6 Advanced HRM 1.6 allows Remote Code Execution via PHP code in a .php file to the user/update-user-avatar URI, which can be accessed through an "Update Profile" "Change Picture" (aka user/edit-profile) action. network low complexity coderpixel CWE-434	6.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.

Vulnerabilities > Coderpixel {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Coderpixel"}]}

Vulnerabilities > Coderpixel