CVE-2018-11638

Unrestricted Upload of a File with a Dangerous Type in the administrative console in Dialogic PowerMedia XMS through 3.5 allows remote authenticated users to upload malicious code to the web root to gain code execution. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt