Back to search
CVE-2019-8404
Published: May 14, 2019
Modified: Aug 4, 2024
PUBLISHED
Description
An issue was discovered in Webiness Inventory 2.3. The ProductModel component allows Arbitrary File Upload via a crafted product image during the creation of a new product. Consequently, an attacker can steal information from the site with the help of an installed executable file, or change the contents of pages.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
46405
exploit
x_refsource_EXPLOIT-DB
https://sourceforge.net/projects/webinessinventory/files/
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now