Vulnerabilities > Fleetco

DATE CVE VULNERABILITY TITLE RISK
2020-03-02 CVE-2018-19798 Unrestricted Upload of File with Dangerous Type vulnerability in Fleetco Fleet Maintenance Management 1.2
Fleetco Fleet Maintenance Management (FMM) 1.2 and earlier allows uploading an arbitrary ".php" file with the application/x-php Content-Type to the accidents_add.php?submit=1 URI, as demonstrated by the value_Images_1 field, which leads to remote command execution on the remote server.
network
low complexity
fleetco CWE-434
6.5