3 matches found
CVE-2009-3890
Unrestricted file upload vulnerability in the wpcheckfiletype function in wp-includes/functions.php in WordPress before 2.8.6, when a certain configuration of the modmime module in the Apache HTTP Server is enabled, allows remote authenticated users to execute arbitrary code by posting an...
CVE-2009-3890
Unrestricted file upload vulnerability in the wpcheckfiletype function in wp-includes/functions.php in WordPress before 2.8.6, when a certain configuration of the modmime module in the Apache HTTP Server is enabled, allows remote authenticated users to execute arbitrary code by posting an...
CVE-2009-3890
WordPress before 2.8.6 has an Unrestricted file upload vulnerability in wp_check_filetype, exploitable when mod_mime is configured in Apache. Remote authenticated users can upload an attachment with a multiple-extension filename (e.g., name.php.jpg) and then access it via wp-content/uploads/ to e...