Back to search
CVE-2013-3590
Published: Aug 28, 2013
Modified: Sep 16, 2024
PUBLISHED
Description
Unrestricted file upload vulnerability in admin/uploadImage.html in SearchBlox before 7.5 build 1 allows remote attackers to execute arbitrary code by uploading an executable file with the image/jpeg content type, and then accessing this file via unspecified vectors, as demonstrated by access to a JSP file.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
VU#592942
third-party-advisory
x_refsource_CERT-VN
http://buddhalabs.com/Advisories/WebAdvisories.html
x_refsource_MISC
http://www.searchblox.com/developers-2/change-log
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now