Unrestricted file upload vulnerability in admin/uploadImage.html in SearchBlox before 7.5 build 1 allows remote attackers to execute arbitrary code by uploading an executable file with the image/jpeg content type, and then accessing this file via unspecified vectors, as demonstrated by access to a JSP file.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Searchblox | Searchblox | 6.3 | 6.3 |
Searchblox | Searchblox | 7.0 | 7.0 |
Searchblox | Searchblox | * | 7.5 |
Searchblox | Searchblox | 6.4 | 6.4 |
Searchblox | Searchblox | 7.4 | 7.4 |
Searchblox | Searchblox | 6.4 | 6.4 |
Searchblox | Searchblox | 7.1 | 7.1 |
Searchblox | Searchblox | 7.2 | 7.2 |
Searchblox | Searchblox | 7.3 | 7.3 |
Searchblox | Searchblox | 6.2 | 6.2 |