3 matches found
CVE-2015-2974
LEMON-S PHP Gazou BBS plus before 2.36 allows remote attackers to upload arbitrary HTML documents via vectors involving a crafted image file...
Design/Logic Flaw
LEMON-S PHP Gazou BBS plus before 2.36 allows remote attackers to upload arbitrary HTML documents via vectors involving a crafted image file...
CVE-2015-2974
Gazou BBS plus (LEMON-S PHP) prior to version 2.36 is affected by a vulnerability in file upload processing that allows remote attackers to upload arbitrary HTML documents via specially crafted image files. Exploitation details are consistent across multiple sources (CNVD/NVD/JVN). The impact is ...