CVE-2004-1408

CVE-2004-1408

EPSS 1.5%

The addImage method for admin.class.php in Image Gallery Web Application 0.9.10 does not properly check filenames, which allows remote attackers to upload and execute arbitrary files.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://marc.info/?l=bugtraq&m=110323479715051&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/18531 http://www.securityfocus.com/bid/11990