4 matches found
CVE-2017-6104
Remote file upload vulnerability in Wordpress Plugin Mobile App Native 3.0...
Design/Logic Flaw
Remote file upload vulnerability in Wordpress Plugin Mobile App Native 3.0...
CVE-2017-6104
Remote file upload vulnerability in Wordpress Plugin Mobile App Native 3.0...
CVE-2017-6104
CVE-2017-6104 concerns the WordPress plugin Mobile App Native 3.0, where the file upload endpoint at zen-mobile-app-native/server/images.php accepts uploads without authentication and without validating the file content. The vulnerability allows an attacker to upload arbitrary files (e.g., PHP sh...