CVE Vulnerabilities

CVE-2012-1153

Published: Oct 06, 2012 | Modified: Aug 29, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.8 MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Unrestricted file upload vulnerability in addons/uploadify/uploadify.php in appRain CMF 0.1.5 and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in the uploads directory.

Affected Software

Name Vendor Start Version End Version
Apprain Apprain 0.1.0 0.1.0
Apprain Apprain 0.1.1 0.1.1
Apprain Apprain 0.1.2 0.1.2
Apprain Apprain 0.1.3 0.1.3
Apprain Apprain 0.1.4 0.1.4
Apprain Apprain * 0.1.5

References