Back to search
CVE-2008-2833
Published: Jun 24, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
admin/upload.php in le.cms 1.4 and earlier allows remote attackers to bypass administrative authentication, and upload and execute arbitrary files in images/, via a nonzero value for the submit0 parameter in conjunction with filenames in the filename and upload parameters.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
5887
exploit
x_refsource_EXPLOIT-DB
29872
vdb-entry
x_refsource_BID
30797
third-party-advisory
x_refsource_SECUNIA
29867
vdb-entry
x_refsource_BID
lecms-upload-file-upload(43274)
vdb-entry
x_refsource_XF
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now