← Back

Fleet Maintenance Management

fleet_maintenance_management

Vendor: Fleetco • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2018-19798
1Fleetco
1Fleet Maintenance Management
Nov 21, 2024
Mar 2, 2020
N/A· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
Fleetco Fleet Maintenance Management (FMM) 1.2 and earlier allows uploading an arbitrary ".php" file with the application/x-php Content-Type to the accidents_add.php?submit=1 URI, as demonstrated by the value_Images_1 fi...Show more
Fleetco Fleet Maintenance Management (FMM) 1.2 and earlier allows uploading an arbitrary ".php" file with the application/x-php Content-Type to the accidents_add.php?submit=1 URI, as demonstrated by the value_Images_1 field, which leads to remote command execution on the remote server. Any authenticated user can exploit this.Show less