Unrestricted file upload

2013-01-2401:55:00

PRIOn knowledge base

www.prio-n.com

8.1 High

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

77.5%

JSON

Unrestricted file upload vulnerability in NetArt Media Car Portal 3.0 allows remote attackers to execute arbitrary PHP code by uploading a file a double extension, as demonstrated by .php%00.jpg.

CPENameOperatorVersion
car_portaleq3.0

CPE	Name	Operator	Version
	car_portal	eq	3.0

References

packetstormsecurity.org/files/112226/Car-Portal-CMS-3.0-CSRF-XSS-Shell-Upload.html

www.securityfocus.com/bid/53267

www.vulnerability-lab.com/get_content.php?id=502