2 matches found
CVE-2013-10067
Glossword versions 1.8.8 through 1.8.12 contain an authenticated arbitrary file upload vulnerability. When deployed as a standalone application, the administrative interface gwadmin.php allows users with administrator privileges to upload files to the gwtemp/a/ directory. Due to insufficient...
CVE-2013-10067
Glossword versions 1.8.8 through 1.8.12 contain an authenticated arbitrary file upload vulnerability. When deployed as a standalone application, the administrative interface gwadmin.php allows users with administrator privileges to upload files to the gwtemp/a/ directory. Due to insufficient...