CVE-2019-18952

Published: Nov 13, 2019

Modified: Aug 5, 2024

PUBLISHED

Description

SibSoft Xfilesharing through 2.5.1 allows cgi-bin/up.cgi arbitrary file upload. This can be combined with CVE-2019-18951 to achieve remote code execution via a .html file, containing short codes, that is served over HTTP.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://gist.github.com/pak0s/af9f640170aed335fdf6d110d468dbce

x_refsource_MISC

http://packetstormsecurity.com/files/155324/Xfilesharing-2.5.1-Local-File-Inclusion-Shell-Upload.html

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2019-18952

Description

Affected Products

References