Vulnerabilities > CVE-2009-1615 - Unspecified vulnerability in Gowondesigns Leap 0.1.4
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN gowondesigns
exploit available
Summary
Unrestricted file upload vulnerability in Leap CMS 0.1.4 allows remote attackers to execute arbitrary code by uploading a file with an executable extension via an admin.system.files (aka Manage Files) request to the default URI, then accessing the file via a direct request.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | Leap CMS 0.1.4 (SQL/XSS/SU) Multiple Remote Vulnerabilities. CVE-2009-1613,CVE-2009-1614,CVE-2009-1615. Webapps exploit for php platform |
| file | exploits/php/webapps/8577.txt |
| id | EDB-ID:8577 |
| last seen | 2016-02-01 |
| modified | 2009-04-30 |
| platform | php |
| port | |
| published | 2009-04-30 |
| reporter | YEnH4ckEr |
| source | https://www.exploit-db.com/download/8577/ |
| title | leap CMS 0.1.4 sql/xss/su Multiple Vulnerabilities |
| type | webapps |