← back
CVE-2008-1790

CVE-2008-1790

EPSS 1.1%
Unrestricted file upload vulnerability in iScripts SocialWare allows remote authenticated administrators to upload arbitrary files via a crafted logo file in the "Manage Settings" functionality. NOTE: remote exploitation is facilitated by a separate SQL injection vulnerability.
Affected products
n/a · n/a
public PoCs found1
cve_referencewww.exploit-db.com/exploits/5402unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://secunia.com/advisories/29725https://exchange.xforce.ibmcloud.com/vulnerabilities/41751https://www.exploit-db.com/exploits/5402http://www.osvdb.org/44327http://www.securityfocus.com/bid/28670http://www.vupen.com/english/advisories/2008/1137/references