CVE-2012-5893

2012-11-17T16:55:04
ID CVE-2012-5893
Type cve
Reporter NVD
Modified 2017-08-28T21:32:50

Description

Unrestricted file upload vulnerability in hava_upload.php in Havalite CMS 1.1.0 and earlier allows remote attackers to execute arbitrary code by uploading a file with a .php;.gif extension, then accessing it via a direct request to the file in tmp/files/.