Vulnerabilities > Doccms > Doccms > 2016.5.12

DATE CVE VULNERABILITY TITLE RISK
2018-10-30 CVE-2018-18835 Code Injection vulnerability in Doccms 2016.5.12
upload_template() in system/changeskin.php in DocCms 2016.5.12 allows remote attackers to execute arbitrary PHP code via a template file.
network
low complexity
doccms CWE-94
7.5
7.5