3 matches found
CVE-2019-13973
LayerBB 1.1.3 allows admin/general.php arbitrary file upload because the customlogo filename suffix is not restricted, and .php may be used...
CVE-2019-13973
LayerBB 1.1.3 allows admin/general.php arbitrary file upload because the customlogo filename suffix is not restricted, and .php may be used...
CVE-2019-13973
CVE-2019-13973 affects LayerBB 1.1.3, where the admin/general.php arbitrary file upload is possible because the custom_logo filename suffix is not restricted, allowing a ".php" file. The vulnerability stems from insufficient validation of uploaded logo names, enabling potential remote code execut...