Lucene search
GoogleOSV:CVE-2019-8404HistoryMay 14, 2019 - 4:29 p.m.
CVE-2019-8404
2019-05-1416:29:02
Google
osv.dev
2
An issue was discovered in Webiness Inventory 2.3. The ProductModel component allows Arbitrary File Upload via a crafted product image during the creation of a new product. Consequently, an attacker can steal information from the site with the help of an installed executable file, or change the contents of pages.
| CPE | Name | Operator | Version |
|---|---|---|---|
| webiness_inventory | eq | 2.3 | |
| webiness_inventory | eq | 2.2 | |
| webiness_inventory | eq | 2.1 | |
| webiness_inventory | eq | 2.0 |
Related
zdt
zdt
Webiness Inventory 2.3 - ProductModel Arbitrary File Upload Vulnerability
2019-02-18 00:00:00
cve
cve
CVE-2019-8404
2019-05-14 16:29:02
prion
prion
Design/Logic Flaw
2019-05-14 16:29:00
nvd
nvd
CVE-2019-8404
2019-05-14 16:29:02
packetstorm
packetstorm
Webiness Inventory 2.3 Arbitrary File Upload
2019-02-19 00:00:00
exploitpack
exploitpack
Webiness Inventory 2.3 - ProductModel Arbitrary File Upload
2019-02-18 00:00:00
cvelist
cvelist
CVE-2019-8404
2019-05-14 15:29:31
exploitdb
exploitdb
Webiness Inventory 2.3 - 'ProductModel' Arbitrary File Upload
2019-02-18 00:00:00