2 matches found
CVE-2008-3178
CVE-2008-3178 describes an unrestricted file upload in WebXell Editor 0.1.3 via upload_pictures.php. A remote attacker can upload a PHP file disguised as an image (jpeg content type) and access it directly under upload/ to achieve arbitrary code execution. The vulnerability is caused by lack of p...
CVE-2008-3178
Unrestricted file upload vulnerability in uploadpictures.php in WebXell Editor 0.1.3 allows remote attackers to execute arbitrary code by uploading a .php file with a jpeg content type, then accessing it via a direct request to the file in upload/...