6 matches found
SOL17156 - PHP vulnerability CVE-2014-5298
Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value. Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL995...
[KIS-2014-10] X2Engine <= 4.1.7 (FileUploadsFilter.php) Unrestricted File Upload Vulnerability
-------------------------------------------------------------------------------- X2Engine = 4.1.7 FileUploadsFilter.php Unrestricted File Upload Vulnerability -------------------------------------------------------------------------------- - Software Link: http://www.x2engine.com/ - Affected...
CVE-2014-5298
FileUploadsFilter.php in X2Engine 4.1.7 and earlier, when running on case-insensitive file systems, allows remote attackers to bypass the upload blacklist and conduct unrestricted file upload attacks by uploading a file with an executable extension that contains uppercase letters, as demonstrated...
CVE-2014-5298
CVE-2014-5298 affects X2Engine
X2Engine 4.1.7 Unrestricted File Upload
-------------------------------------------------------------------------------- X2Engine = 4.1.7 FileUploadsFilter.php Unrestricted File Upload Vulnerability -------------------------------------------------------------------------------- - Software Link: http://www.x2engine.com/ - Affected...
X2Engine 4.1.7 PHP Object Injection / Unrestricted File Upload Vulnerabilies
X2Engine versions 2.8 through 4.1.7 suffer from a PHP object injection and below suffer from an unrestricted file upload vulnerability due to poor use of a blacklist. ------------------------------------------------------------------------- X2Engine = 4.1.7 SiteController.php PHP Object Injection...