CRITICALVulnerability
Verified
Global

NVD CRITICAL: CVE-2018-25412 — Delta Sql 1.8.2 contains an arbitrary file upload vulnerability that allows unau...

·Source: NIST NVD

Updated:

Executive Summary

Delta Sql 1.8.2 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious files by sending POST requests to docs_upload.php with crafted multipart form data. Attackers can upload PHP files with arbitrary content to the upload directory and execute them on the server for remote code execution.

Analysis

Delta Sql 1.8.2 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious files by sending POST requests to docs_upload.php with crafted multipart form data. Attackers can upload PHP files with arbitrary content to the upload directory and execute them on the server for remote code execution. CVSS Score: 9.8. Published: 2026-05-30T16:17:01.990.

Indicators of Compromise (1)

CVE (1)
CVE-2018-25412
NVDMITRE CVE
Source Attribution

Originally published by NIST NVD on May 30, 2026. Verified by: NIST.

Related Threats

MEDIUMVulnerability

Weekly Update 506

I'm finding it quite fascinating to watch the current spate of ShinyHunters breaches and dumps. There's the obvious criminality of it all, but then there's also the response from organisations (or lack thereof, as it relates to disclosure to victims), the appearance and disappearance

Troy Hunt
MEDIUMVulnerability

Loqbox and Blackbullion join forces to financially support students build credit

Loqbox and Blackbullion have partnered to help more than 450,000 students build stronger financial futures through accessible credit-building tools and curriculum-linked financial education.

Finextra
MEDIUMVulnerability

YARA-X 1.17.0 Release, (Sun, May 31st)

YARA-X&&#x23&#x3b;x26&#x3b;&#x23&#x3b;39&#x3b;s 1.17.0 release brings 5 improvements (several performance improvements) and 1 bugfix.

SANS ISC