CVE-2018-3814
published 2018-01-01CVE-2018-3814: Craft CMS 2.6.3000 allows remote attackers to execute arbitrary PHP code by using the "Assets->Upload files" screen and then the "Replace it" option, because…
PriorityP354high8.8CVSS 3.0
AVNACLPRLUINSUCHIHAH
EPSS
1.35%
68.1th percentile
Craft CMS 2.6.3000 allows remote attackers to execute arbitrary PHP code by using the "Assets->Upload files" screen and then the "Replace it" option, because this allows a .jpg file to have embedded PHP code, and then be renamed to a .php extension.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| clamav | clamav | >= 0 < 0.100.2+dfsg-1ubuntu0.14.04.2 | 0.100.2+dfsg-1ubuntu0.14.04.2 |
| craftcms | cms | 0 – 2.6.3000 | — |
| craftcms | craft_cms | — | — |
CVSS provenance
nvdv3.08.8HIGHCVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.06.5MEDIUMAV:N/AC:L/Au:S/C:P/I:P/A:P
osv6.5MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
Craft CMS PHP Code Injection Vulnerability
osv·2022-05-13
CVE-2018-3814 [HIGH] Craft CMS PHP Code Injection Vulnerability
Craft CMS PHP Code Injection Vulnerability
Craft CMS 2.6.3000 allows remote attackers to execute arbitrary PHP code by using the "Assets->Upload files" screen and then the "Replace it" option, because this allows a .jpg file to have embedded PHP code, and then be renamed to a .php extension.
GHSA
Craft CMS PHP Code Injection Vulnerability
ghsa·2022-05-13
CVE-2018-3814 [HIGH] CWE-434 Craft CMS PHP Code Injection Vulnerability
Craft CMS PHP Code Injection Vulnerability
Craft CMS 2.6.3000 allows remote attackers to execute arbitrary PHP code by using the "Assets->Upload files" screen and then the "Replace it" option, because this allows a .jpg file to have embedded PHP code, and then be renamed to a .php extension.
OSV
clamav vulnerabilities
osv·2018-11-13·CVSS 6.5
clamav vulnerabilities
clamav vulnerabilities
Updated: 2018-11-21: The embedded version of libmspack in ClamAV was
found to not be affected by the listed vulnerabilities, therefore the
following is not applicable.
USN-3814-1 fixed several vulnerabilities in libmspack. In Ubuntu 14.04
libmspack is included into ClamAV. This update provides the
corresponding update for Ubuntu 14.04 LTS.
Original advisory details:
It was discovered libmspack incorrectly handled certain malformed CAB files.
A remote attacker could use this issue to cause libmspack to crash, resulting
in a denial of service. (CVE-2018-18584, CVE-2018-18585)
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2018-01-01
Published