CVE-2018-25412

Name of the Vulnerable Software and Affected Versions Delta Sql version 1.8.2

Description An arbitrary file upload issue allows unauthenticated attackers to upload malicious files by sending POST requests to the 'docs upload.php' endpoint using crafted multipart form data. This allows the upload of PHP files with arbitrary content to the upload directory, which can then be executed on the server to achieve remote code execution.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.