CVE-2013-3590

2013-08-28T13:09:00
ID CVE-2013-3590
Type cve
Reporter cve@mitre.org
Modified 2013-10-07T18:01:00

Description

Unrestricted file upload vulnerability in admin/uploadImage.html in SearchBlox before 7.5 build 1 allows remote attackers to execute arbitrary code by uploading an executable file with the image/jpeg content type, and then accessing this file via unspecified vectors, as demonstrated by access to a JSP file. Per: http://cwe.mitre.org/data/definitions/434.html

'CWE-434: Unrestricted Upload of File with Dangerous Type'