Vulnerabilities > Ultimatefosters
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-09-17 | CVE-2018-17139 | Unrestricted Upload of File with Dangerous Type vulnerability in Ultimatefosters Ultimatepos 2.5 UltimatePOS 2.5 allows users to upload arbitrary files, which leads to remote command execution by posting to a /products URI with PHP code in a .php file with the image/jpeg content type. | 8.8 |