Back to search
CVE-2009-1659
Published: May 17, 2009
Modified: Aug 7, 2024
PUBLISHED
Description
Unrestricted file upload vulnerability in admin/uploadimage.php in eLitius 1.0 allows remote attackers to bypass intended access restrictions and upload and execute arbitrary files via an avatar file with an accepted Content-Type such as image/gif, then requesting the file in admin/banners/.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
34813
vdb-entry
x_refsource_BID
elitius-uploadimage-file-upload(50305)
vdb-entry
x_refsource_XF
ADV-2009-1248
vdb-entry
x_refsource_VUPEN
8603
exploit
x_refsource_EXPLOIT-DB
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now