PT-2018-4227 · Frog Cms · Frog Cms

Javid Hussain

Published

2018-03-22

Updated

2018-04-18

CVE-2014-4912

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Frog CMS version 0.9.5

Description An issue was discovered due to a lack of extension validation, allowing for arbitrary file upload.

Recommendations For Frog CMS version 0.9.5, consider implementing proper extension validation to prevent arbitrary file uploads until a patch is available.

Exploit

Fix

Unrestricted File Upload

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-434

Related Identifiers

CVE-2014-4912

Affected Products

Frog Cms

PT-2018-4227 · Frog Cms · Frog Cms

CVE-2014-4912

Weakness Enumeration

Related Identifiers

Affected Products

References · 3