CVE-2013-1668

Published: May 23, 2014

Modified: Aug 6, 2024

PUBLISHED

Description

The uploadFile function in upload/index.php in CosCMS before 1.822 allows remote administrators to execute arbitrary commands via shell metacharacters in the name of an uploaded file.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

90927

vdb-entry

x_refsource_OSVDB

http://www.coscms.org/blog/view/4/Version-1.822

x_refsource_CONFIRM

58332

vdb-entry

x_refsource_BID

https://www.htbridge.com/advisory/HTB23145

x_refsource_MISC

20130306 OS Command Injection in CosCms

mailing-list

x_refsource_BUGTRAQ

24629

exploit

x_refsource_EXPLOIT-DB

https://github.com/diversen/gallery/commit/7d58f870e8edc6597485dd1b80ea9fb78580190c

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2013-1668

Description

Affected Products

References