RSS   Vulnerabilities for 'Complete classifieds'   RSS

2009-08-11
 
CVE-2008-6928

CWE-264
 

 
Unrestricted file upload vulnerability in PHPStore Complete Classifieds allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as a logo, then accessing it via a direct request to the file in classifieds1/yellow_images/.

 

 >>> Vendor: Phpstore 7 Products
Real estate
Yahoo answers
Wholesale
Wholesales
Complete classifieds
Auto classifieds
Phpcareers


Copyright 2024, cxsecurity.com

 

Back to Top