CVE-2015-6967

2015-09-16T10:59:09
ID CVE-2015-6967
Type cve
Reporter NVD
Modified 2015-09-17T13:40:06

Description

Unrestricted file upload vulnerability in the My Image plugin in Nibbleblog before 4.0.5 allows remote administrators to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in content/private/plugins/my_image/image.php.