CVE Vulnerabilities

CVE-2014-0342

Published: Apr 15, 2014 | Modified: Apr 15, 2014
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Multiple unrestricted file upload vulnerabilities in fileupload.php in PivotX before 2.3.9 allow remote authenticated users to execute arbitrary PHP code by uploading a file with a (1) .php or (2) .php# extension, and then accessing it via unspecified vectors.

Affected Software

Name Vendor Start Version End Version
Pivotx Pivotx 2.2.0 2.2.0
Pivotx Pivotx 2.1.1 2.1.1
Pivotx Pivotx 2.1.2 2.1.2
Pivotx Pivotx 2.3.7 2.3.7
Pivotx Pivotx 2.3.5 2.3.5
Pivotx Pivotx 2.2.0 2.2.0
Pivotx Pivotx 2.2.0 2.2.0
Pivotx Pivotx 2.2.5 2.2.5
Pivotx Pivotx 2.2.1 2.2.1
Pivotx Pivotx 2.3.6 2.3.6
Pivotx Pivotx * 2.3.8
Pivotx Pivotx 2.2.2 2.2.2
Pivotx Pivotx 2.2.0 2.2.0
Pivotx Pivotx 2.3.2 2.3.2
Pivotx Pivotx 2.3.3 2.3.3
Pivotx Pivotx 2.3.0 2.3.0
Pivotx Pivotx 2.2.3 2.2.3
Pivotx Pivotx 2.1.0 2.1.0

References