Unrestricted file upload vulnerability in admin/uploadImage.html in SearchBlox before 7.5 build 1 allows remote attackers to execute arbitrary code by uploading an executable file with the image/jpeg content type, and then accessing this file via unspecified vectors, as demonstrated by access to a JSP file.
CPE | Name | Operator | Version |
---|---|---|---|
searchblox | eq | 6.3 build-1 | |
searchblox | eq | 7.0 | |
searchblox | le | 7.5 | |
searchblox | eq | 6.4 build-1 | |
searchblox | eq | 7.4 | |
searchblox | eq | 6.4 build-2 | |
searchblox | eq | 7.1 | |
searchblox | eq | 7.2 | |
searchblox | eq | 7.3 | |
searchblox | eq | 6.2 build-1 |