RSS   Vulnerabilities for 'Imgupload'   RSS

2009-06-04
 
CVE-2008-6822

 

 
Unrestricted file upload vulnerability in uploadp.php in New Earth Programming Team (NEPT) imgupload (aka Image Uploader) 1.0 allows remote attackers to execute arbitrary code by uploading a file with an executable extension and a modified content type, then accessing this file via a direct request, as demonstrated by an upload with an image/jpeg content type. NOTE: some of these details are obtained from third party information.

 


Copyright 2024, cxsecurity.com

 

Back to Top