RSS   Vulnerabilities for 'Le.cms'   RSS

2008-06-24
 
CVE-2008-2833

CWE-287
 

 
admin/upload.php in le.cms 1.4 and earlier allows remote attackers to bypass administrative authentication, and upload and execute arbitrary files in images/, via a nonzero value for the submit0 parameter in conjunction with filenames in the filename and upload parameters.

 


Copyright 2024, cxsecurity.com

 

Back to Top