CVE-2019-11028

GAT-Ship Web Module before 1.40 suffers from a vulnerability allowing attackers to upload any file type, leading to privilege escalation.
Source: NIST
CVE-2019-11028