PT-2018-14965 · Logicspice · Logicspice Faq Script

Akkus

Published

2018-11-22

Updated

2018-12-18

CVE-2018-19457

CVSS v3.1

7.2

High

Vector

AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Logicspice FAQ Script version 2.9.7

Description The issue allows uploading arbitrary files, leading to remote command execution. This can be achieved via the "admin/faqs/faqimages" endpoint with a .php file.

Recommendations For version 2.9.7, consider disabling the file upload functionality in the "admin/faqs/faqimages" endpoint until a patch is available. Restrict access to this endpoint to minimize the risk of exploitation. Avoid using this endpoint with .php files until the issue is resolved.

Exploit

Fix

Unrestricted File Upload

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-434

Related Identifiers

CVE-2018-19457

Affected Products

Logicspice Faq Script

PT-2018-14965 · Logicspice · Logicspice Faq Script

CVE-2018-19457

Weakness Enumeration

Related Identifiers

Affected Products

References · 4