Exponent CMS File Upload Extension Validation Failure Arbitrary Code Execution

2005-06-29T21:29:02
ID OSVDB:20785
Type osvdb
Reporter OSVDB
Modified 2005-06-29T21:29:02

Description

Solution Description

Upgrade to version 0.97 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

References:

Vendor URL: http://www.exponentcms.org/ Vendor Specific News/Changelog Entry: http://sourceforge.net/tracker/index.php?func=detail&aid=1229571&group_id=118524&atid=753302