3 matches found
CVE-2017-10665
Directory traversal vulnerability in ajaxfileupload.php in Kayson Group Ltd. phpGrid before 7.2.5 allows remote attackers to execute arbitrary code by uploading a crafted file with a .. dot dot in the file name...
CVE-2017-10665
Directory traversal vulnerability in ajaxfileupload.php in Kayson Group Ltd. phpGrid before 7.2.5 allows remote attackers to execute arbitrary code by uploading a crafted file with a .. dot dot in the file name...
CVE-2017-10665
The CVE affects Kayson Group phpGrid prior to version 7.2.5, where a directory traversal flaw in ajaxfileupload.php allows a remote attacker to upload a crafted file whose name contains .. to execute arbitrary code. This is a server-side path traversal issue in the file upload handling, enabling ...