2 matches found
CVE-2008-2833
CVE-2008-2833 affects le.cms versions 1.4 and earlier. The admin/upload.php endpoint allows remote attackers to bypass administrative authentication and to upload and execute arbitrary files in the images/ directory by sending a nonzero submit0 value together with filenames in the filename and up...
CVE-2008-2833
admin/upload.php in le.cms 1.4 and earlier allows remote attackers to bypass administrative authentication, and upload and execute arbitrary files in images/, via a nonzero value for the submit0 parameter in conjunction with filenames in the filename and upload parameters...