CVE-2019-18952

EPSS 84.69% · P99 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2019-18952

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

SibSoft Xfilesharing through 2.5.1 allows cgi-bin/up.cgi arbitrary file upload. This can be combined with CVE-2019-18951 to achieve remote code execution via a .html file, containing short codes, that is served over HTTP.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

SibSoft Xfilesharing 代码问题漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

SibSoft Xfilesharing是俄罗斯SibSoft公司的一套文件共享解决方案。 SibSoft Xfilesharing 2.5.1及之前版本中存在代码问题漏洞。远程攻击者可借助包含短代码的.html文件利用该漏洞执行代码。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Shenlong Deep Dive — AI Deep Analysis

10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.

Read summary Full analysis (login)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2019-18952

#	POC Description	Source Link	Shenlong Link
1	SibSoft Xfilesharing through 2.5.1 allows cgi-bin/up.cgi arbitrary file upload.This can be combined with CVE-2019-18951 to achieve remote code execution via a .html file, containing short codes, that is served over HTTP.	https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2019/CVE-2019-18952.yaml	POC Details

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2019-18952

请登录查看更多情报信息。

Same Patch Batch · n/a · 2019-11-13 · 70 CVEs total

CVE-2019-2214		Android 缓冲区错误漏洞
CVE-2019-13555		Mitsubishi Electric MELSEC-Q Series和MELSEC-L Series 资源管理错误漏洞
CVE-2013-3097		Verizon FiOS Router 未明跨站脚本漏洞
CVE-2019-2210		Android 缓冲区错误漏洞
CVE-2013-3516		NETGEAR WNR3500U和WNR3500L 跨站请求伪造漏洞
CVE-2019-18793		Parallels Plesk Panel 跨站脚本漏洞
CVE-2019-18844		ACRN 安全漏洞
CVE-2019-16951		Enghouse Systems Web Chat 信息泄露漏洞
CVE-2019-16950		Enghouse Systems Web Chat 跨站脚本漏洞
CVE-2013-3517		NETGEAR WNR3500U和WNR3500L 跨站脚本漏洞
CVE-2019-9467		Android 操作系统命令注入漏洞
CVE-2019-2213		Android Kernel组件资源管理错误漏洞
CVE-2019-2036		Android 安全漏洞
CVE-2019-2198		Android Framework组件SQL注入漏洞
CVE-2019-2196		Android Framework组件SQL注入漏洞
CVE-2019-2209		Android System组件缓冲区错误漏洞
CVE-2019-2208		Android System组件信息泄露漏洞
CVE-2019-2212		Android System组件信息泄露漏洞
CVE-2019-2207		Android System组件缓冲区错误漏洞
CVE-2019-2233		Android System组件安全漏洞

Showing top 20 of 70 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2019-18952

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2019-18952

I. Basic Information for CVE-2019-18952

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Shenlong Deep Dive — AI Deep Analysis

Affected Products

II. Public POCs for CVE-2019-18952

III. Intelligence Information for CVE-2019-18952

Same Patch Batch · n/a · 2019-11-13 · 70 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2019-18952

Leave a comment