CVE-2017-14704

🗓️ 26 Sep 2017 14:00:00Reported by mitreType

cve

cve🔗 web.nvd.nist.gov👁 53 Views🌐 WEB

Multiple file upload vulnerabilities in Claydip Laravel Airbnb Clone 1.

Reporter	Title	Published	Views	Family All 10
0day.today	Claydip Airbnb Clone 1.0 - Arbitrary File Upload Vulnerability	24 Sep 201700:00	–	zdt
CNVD	Claydip Laravel Airbnb Clone Arbitrary File Upload Vulnerability	26 Sep 201700:00	–	cnvd
Cvelist	CVE-2017-14704	26 Sep 201714:00	–	cvelist
Exploit DB	Claydip Airbnb Clone 1.0 - Arbitrary File Upload	22 Sep 201700:00	–	exploitdb
EUVD	EUVD-2017-6201	7 Oct 202500:30	–	euvd
exploitpack	Claydip Airbnb Clone 1.0 - Arbitrary File Upload	22 Sep 201700:00	–	exploitpack
NVD	CVE-2017-14704	26 Sep 201714:29	–	nvd
OSV	CVE-2017-14704	26 Sep 201714:29	–	osv
Packet Storm	Claydip Airbnb Clone 1.0 Arbitrary File Upload	22 Sep 201700:00	–	packetstorm
Prion	Unrestricted file upload	26 Sep 201714:29	–	prion

NVD

Node

claydip airbnb_cloneMatch1.0

Source	Link
exploit-db	www.exploit-db.com/exploits/42773/

Parameter	Position	Path	Description	CWE
profile_img_name	request body	user/edit/uploadphoto	Arbitrary file upload vulnerability via imageSubmit allowing authenticated users to upload files with executable extensions.	CWE-434
image	request body	user/edit/uploadphoto	Arbitrary file upload vulnerability via imageSubmit allowing authenticated users to upload files with executable extensions.	CWE-434
profile_img_name	request body	user/edit/uploadproof	Arbitrary file upload vulnerability via proof_submit allowing authenticated users to upload files with executable extensions.	CWE-434
image	request body	user/edit/uploadproof	Arbitrary file upload vulnerability via proof_submit allowing authenticated users to upload files with executable extensions.	CWE-434

13 May 2026 00:24Current

8.8High risk

Vulners AI Score8.8

CVSS 26.5

CVSS 38.8

EPSS0.01912

cve-2017-14704 unrestricted file upload laravel airbnb clone security vulnerability remote code execution