Vulnerability CVE-2020-28688


Published: 2020-11-17

Description:
The add artwork functionality in ARTWORKS GALLERY IN PHP, CSS, JAVASCRIPT, AND MYSQL 1.0 allows remote attackers to upload arbitrary files.

See advisories in our WLB2 database:
Topic
Author
Date
High
Artworks Gallery 1.0 Shell Upload
Shahrukh Iqbal M...
17.11.2020

Type:

CWE-264

(Permissions, Privileges, and Access Controls)

 References:
https://code-projects.org/artworks-gallery-in-php-css-javascript-and-mysql-free-download/
https://packetstormsecurity.com/files/160095/Artworks-Gallery-1.0-Shell-Upload.html

Copyright 2024, cxsecurity.com

 

Back to Top