2 matches found
CVE-2019-15862
An issue was discovered in CKFinder through 2.6.2.1. Improper checks of file names allows remote attackers to upload files without any extension even if the application was configured to accept files only with a defined set of extensions. This affects CKFinder for ASP, CKFinder for ASP.NET,...
CVE-2019-15862
The CVE-2019-15862 issue affects CKFinder up to 2.6.2.1 across CKFinder for ASP, ASP.NET, ColdFusion, and PHP. The root cause is improper checks of file names that allow uploads of files without an extension even when a defined set of extensions is configured. Impact is remote unauthenticated upl...