CVE Vulnerabilities

CVE-2013-3590

Published: Aug 28, 2013 | Modified: Oct 07, 2013
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.8 MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Unrestricted file upload vulnerability in admin/uploadImage.html in SearchBlox before 7.5 build 1 allows remote attackers to execute arbitrary code by uploading an executable file with the image/jpeg content type, and then accessing this file via unspecified vectors, as demonstrated by access to a JSP file.

Affected Software

Name Vendor Start Version End Version
Searchblox Searchblox 6.3 6.3
Searchblox Searchblox 7.0 7.0
Searchblox Searchblox * 7.5
Searchblox Searchblox 6.4 6.4
Searchblox Searchblox 7.4 7.4
Searchblox Searchblox 6.4 6.4
Searchblox Searchblox 7.1 7.1
Searchblox Searchblox 7.2 7.2
Searchblox Searchblox 7.3 7.3
Searchblox Searchblox 6.2 6.2

References