Lucene search
MitreCVELIST:CVE-2014-9619HistorySep 19, 2017 - 3:00 p.m.
CVE-2014-9619
2017-09-1915:00:00
mitre
www.cve.org
Unrestricted file upload vulnerability in webadmin/ajaxfilemanager/ajaxfilemanager.php in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote authenticated users with admin privileges on the Cloud Manager web console to execute arbitrary PHP code by uploading a file with a double extension, then accessing it via a direct request to the file in webadmin/deny/images/, as demonstrated by secuid0.php.gif.
Related
cve
cve
CVE-2014-9619
2017-09-19 15:29:00
exploitpack
exploitpack
Netsweeper 4.0.8 - Arbitrary File Upload Execution
2015-08-21 00:00:00
nvd
nvd
CVE-2014-9619
2017-09-19 15:29:00
prion
prion
Unrestricted file upload
2017-09-19 15:29:00
exploitdb
exploitdb
Netsweeper 4.0.8 - Arbitrary File Upload / Execution
2015-08-21 00:00:00
openvas
openvas
Netsweeper Multiple Vulnerabilities (Aug 2015)
2015-08-25 00:00:00
zdt
zdt
Netsweeper 4.0.8 - Multiple Vulnerabilities
2015-08-13 00:00:00