04 Oct 2019
Vulnérabilité CVE-2019-17188 CVE Vulnerability
An unrestricted file upload vulnerability was discovered in catalog/productinfo/imageupload in Fecshop FecMall 2.3.4. An attacker can bypass a front-end restriction and upload PHP code to the webserver, by providing image data and the image/jpeg content type, with a .php extension. This occurs because the code relies on the getimagesize function. (CVSS:0.0) (Last Update:2019-10-04)
Vulnerability Details : An unrestricted file upload vulnerability was discovered in catalog/productinfo/imageupload in Fecshop FecMall 2.3.4. An attacker can bypass a front-end restriction and upload PHP code to the webserver, by providing image data and the image/jpeg content type, with a .php extension. This occurs because the code relies on the getimagesize function. Publish Date : 2019-10-04 Last Update Date : 2019-10-04 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2019-17188
- References For CVE-2019-17188
| ||||||||||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2019-17188There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information) |