RSS   Vulnerabilities for 'Aspwebcalendar2008'   RSS

2008-06-24
 
CVE-2008-2832

CWE-94
 

 
Unrestricted file upload vulnerability in calendar_admin.asp in Full Revolution aspWebCalendar 2008 allows remote attackers to upload and execute arbitrary code via the FILE1 parameter in an uploadfileprocess action, probably followed by a direct request to the file in calendar/eventimages/.

 

 >>> Vendor: Fullrevolution 3 Products
Aspwebalbum
Aspwebcalendar2008
Aspwebcalendar


Copyright 2017, cxsecurity.com

 

Back to Top