Unrestricted file upload vulnerability in labs.beffa.org w2box 4.0.0 Beta4 allows remote attackers to upload arbitrary PHP code via a filename with a double extension such as .php.jpg.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| W2box | Labs.beffa.org | 4.0.0_beta4 (including) | 4.0.0_beta4 (including) |
References
- http://marc.info/?l=bugtraq\u0026m=117924253030935\u0026w=2
- http://osvdb.org/36830
- http://www.securityfocus.com/bid/23975
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34302
- http://marc.info/?l=bugtraq\u0026m=117924253030935\u0026w=2
- http://osvdb.org/36830
- http://www.securityfocus.com/bid/23975
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34302