CVE-2018-18924

HIGH

ProjeQtOr < 7.2.5 - Remote Code Execution via Image Upload Feature

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-18924. PoCs published by AkkuS.

AI-analyzed exploit summary: This exploit leverages an arbitrary file upload vulnerability in ProjeQtOr 7.2.5, allowing attackers to upload malicious .shtml files. The uploaded file can execute system commands via SSI directives, leading to remote code execution.

Description

The image-upload feature in ProjeQtOr 7.2.5 allows remote attackers to execute arbitrary code by uploading a .shtml file with "#exec cmd" because rejected files remain on the server, with predictable filenames, after a "This file is not a valid image" error message.

Exploits (1)

exploitdb · WORKING PoC
by AkkuS · text · webapps · php
https://www.exploit-db.com/exploits/45680

Classification
Working PoC 95%
Attack Type
RCE
Complexity
Moderate
Reliability
Reliable
Target: ProjeQtOr Project Management Tool v7.2.5 and lower
Auth required
Prerequisites: Valid user credentials · Access to the CKEditor upload functionality · Server-side includes (SSI) enabled on the target server
devstral-2 · analyzed Feb 16, 2026

References (2)

Core References
Exploit, Third Party Advisory, VDB Entry · exploit · x_refsource_exploit-db
https://www.exploit-db.com/exploits/45680/

Scores

CVSS v3 8.8
EPSS 0.0949
EPSS Percentile 94.8%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-459
Status published
Products (1)
projeqtor/projeqtor < 7.2.5
Published Nov 04, 2018
Tracked Since Feb 18, 2026