PT-2005-2054 · Runcms · Runcms

Pokley

Published

2005-04-09

Updated

2017-07-11

CVE-2005-1031

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions RUNCMS version 1.1A

Description The issue arises when the "Allow custom avatar upload" feature is enabled, allowing remote attackers to upload arbitrary files due to improper file verification.

Recommendations For RUNCMS version 1.1A, consider disabling the "Allow custom avatar upload" feature until a proper fix is implemented to verify uploaded files.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2005-1031

Affected Products

Runcms

PT-2005-2054 · Runcms · Runcms

CVE-2005-1031

Related Identifiers

Affected Products

References · 7