CVE-2019-11028

GAT-Ship Web Module before 1.40 suffers from a vulnerability allowing authenticated attackers to upload any file type to the server via the "Documents" area. This vulnerability is related to "uploadDocFile.aspx". > MITRE Terms of Use apply – see LICENSE‑MITRE.txt