RSS   Podatności dla 'Aliboard'   RSS

2009-08-24
 
CVE-2008-7029

CWE-20
 

 
Unrestricted file upload vulnerability in usercp.php in AlilG Application AliBoard Beta allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as an avatar, then accessing it via a direct request to the file in uploads/avatars/.

 

 >>> Vendor: Alilg 2 Produkty
Alitalk
Aliboard


Copyright 2024, cxsecurity.com

 

Back to Top