PT-2005-4520 · Exponent · Exponent Cms
Published
2005-11-22
·
Updated
2017-07-11
·
CVE-2005-3767
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Exponent CMS versions 0.96.3 and later
Description
The issue allows remote attackers to upload and execute PHP files due to improper restriction of the types of uploaded files.
Recommendations
For Exponent CMS versions 0.96.3 and later, restrict the types of uploaded files to prevent the execution of PHP files.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Exponent Cms