2 matches found
CVE-2019-17575
A file-rename filter bypass exists in admin/media/rename.php in WBCE CMS 1.4.0 and earlier. This can be exploited by an authenticated user with admin privileges to rename a media filename and extension. For example: place PHP code in a .jpg file, and then change the file's base name to filename.p...
CVE-2019-17575
CVE-2019-17575 applies to WBCE CMS 1.4.0 and earlier. A vulnerability in the admin/media/rename.php file forms a file-rename filter bypass, enabling an authenticated admin to rename a media file and extension in a way that results in executing arbitrary PHP code on the server. The documented exam...