<?xml version="1.0" encoding="utf-8"?> <params> <param> <value> <struct> <member> <name>VERSION</name> <value> <string>1.0</string> </value> </member> <member> <name>UPDATED</name> <value> <string>2018-11-15</string> </value> </member> <member> <name>SERIAL</name> <value> <string>1</string> </value> </member> <member> <name>DWF</name> <value> <struct> <member> <name>CVE_ID</name> <value> <string>CVE-2018-9209</string> </value> </member> <member> <name>DESCRIPTION</name> <value> <string>Arbitrary File Upload File Upload Vulnerability in php-traditional-server v1.2.2</string> </value> </member> <member> <name>CREDIT</name> <value> <string>Larry W. Cashdollar @_larry0</string> </value> </member> <member> <name>SOURCES</name> <value> <array> <data> <value> <struct> <member> <name>URL</name> <value> <array> <data> <value> <string>https://web.archive.org/web/20180611151421/https://github.com/FineUploader/php-traditional-server</string> </value> </data> </array> </value> </member> <member> <name>LOCALNAME</name> <value> <string>Product Home Page</string> </value> </member> </struct> </value> <value> <struct> <member> <name>URL</name> <value> <array> <data> <value> <string>http://www.vapidlabs.com/advisory.php?v=208</string> </value> </data> </array> </value> </member> <member> <name>LOCALNAME</name> <value> <string>Researcher Advisory</string> </value> </member> </struct> </value> </data> </array> </value> </member> </struct> </value> </member> </struct> </value> </param> </params>