2 matches found
Orbis CMS 1.0.2 - Arbitrary File Upload Vulnerability
No description provided by source. 'Orbis CMS' Arbitrary Script Execution Vulnerability CVE-2010-4313 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in the 'Orbis CMS' filemanfileupload.php script that allows any authenticat...
CVE-2010-4313
CVE-2010-4313 concerns Orbis CMS 1.0.2 where the vulnerable script is fileman_file_upload.php. A flaw allows any authenticated user to upload a PHP file to the uploads/ directory and then access it via a direct URL, enabling remote code execution. The root cause is unrestricted file upload withou...