← back
CVE-2008-2833

CVE-2008-2833

EPSS 4.1%
admin/upload.php in le.cms 1.4 and earlier allows remote attackers to bypass administrative authentication, and upload and execute arbitrary files in images/, via a nonzero value for the submit0 parameter in conjunction with filenames in the filename and upload parameters.
Affected products
n/a · n/a
public PoCs found1
cve_referencewww.exploit-db.com/exploits/5887unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://secunia.com/advisories/30797https://exchange.xforce.ibmcloud.com/vulnerabilities/43274https://www.exploit-db.com/exploits/5887http://www.securityfocus.com/bid/29867http://www.securityfocus.com/bid/29872