Lucene search
PRIOn knowledge basePRION:CVE-2014-9619HistorySep 19, 2017 - 3:29 p.m.
Unrestricted file upload
2017-09-1915:29:00
PRIOn knowledge base
www.prio-n.com
2
Unrestricted file upload vulnerability in webadmin/ajaxfilemanager/ajaxfilemanager.php in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote authenticated users with admin privileges on the Cloud Manager web console to execute arbitrary PHP code by uploading a file with a double extension, then accessing it via a direct request to the file in webadmin/deny/images/, as demonstrated by secuid0.php.gif.
| CPE | Name | Operator | Version |
|---|---|---|---|
| netsweeper | le | 3.1.9 | |
| netsweeper | eq | 4.1.1 | |
| netsweeper | eq | 4.1.0 | |
| netsweeper | eq | 4.0.8 | |
| netsweeper | eq | 4.0.7 | |
| netsweeper | eq | 4.0.6 | |
| netsweeper | eq | 4.0.5 | |
| netsweeper | eq | 4.0.4 | |
| netsweeper | eq | 4.0.3 | |
| netsweeper | eq | 4.0.2 |
Related
cve
cve
CVE-2014-9619
2017-09-19 15:29:00
exploitpack
exploitpack
Netsweeper 4.0.8 - Arbitrary File Upload Execution
2015-08-21 00:00:00
cvelist
cvelist
CVE-2014-9619
2017-09-19 15:00:00
nvd
nvd
CVE-2014-9619
2017-09-19 15:29:00
exploitdb
exploitdb
Netsweeper 4.0.8 - Arbitrary File Upload / Execution
2015-08-21 00:00:00
openvas
openvas
Netsweeper Multiple Vulnerabilities (Aug 2015)
2015-08-25 00:00:00
zdt
zdt
Netsweeper 4.0.8 - Multiple Vulnerabilities
2015-08-13 00:00:00