RSS   Vulnerabilities for 'Smart flash header'   RSS

2019-11-13
 
CVE-2014-1214

CWE-434
 

 
views/upload.php in the ProJoom Smart Flash Header (NovaSFH) component 3.0.2 and earlier for Joomla! allows remote attackers to upload and execute arbitrary files via a crafted (1) dest parameter and (2) arbitrary extension in the Filename parameter.

 


Copyright 2024, cxsecurity.com

 

Back to Top