CVE ID:

CVE-2019-7721

Details:

lib/NCCms.class.php in nc-cms 3.5 allows upload of .php files via the index.php?action=save name and editordata parameters.

References:

:https://github.com/gnat/nc-cms/issues/14