Vulnerability Description
PHP Scripts Mall Naukri Clone Script through 3.0.3 allows Unrestricted Upload of a File with a Dangerous Type in edit_resume_det.php, as demonstrated by changing .docx to .php.
CVSS Score
8.8
HIGH
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Naukri Clone Script Project | Naukri Clone Script | <= 3.0.3 |
Related Weaknesses (CWE)
References
- https://whitehatck01.blogspot.com/2018/02/naukri-clone-script-303-file-upload.htExploitThird Party Advisory
- https://whitehatck01.blogspot.com/2018/02/naukri-clone-script-303-file-upload.htExploitThird Party Advisory
FAQ
What is CVE-2018-11514?
CVE-2018-11514 is a vulnerability with a CVSS score of 8.8 (HIGH). PHP Scripts Mall Naukri Clone Script through 3.0.3 allows Unrestricted Upload of a File with a Dangerous Type in edit_resume_det.php, as demonstrated by changing .docx to .php.
How severe is CVE-2018-11514?
CVE-2018-11514 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-11514?
Check the references section above for vendor advisories and patch information. Affected products include: Naukri Clone Script Project Naukri Clone Script.