Vulnerabilities

CVE-2014-8085

by Fred · 05/01/2015

Unrestricted file upload vulnerability in the CWebContact::doModel method in oc-includes/osclass/controller/contact.php in OSClass before 3.4.3 allows remote attackers to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via a direct request to the file in an unspecified directory.

Date published : 2015-01-05

http://www.securityfocus.com/bid/71842

http://www.securityfocus.com/archive/1/534361/100/0/threaded

Similar

Tags: Cybersecurity Alert