Vulnerabilities > CVE-2012-2939 - Unspecified vulnerability in Itechscripts Travelon Express 6.2.2
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN itechscripts
exploit available
Summary
Multiple unrestricted file upload vulnerabilities in Travelon Express 6.2.2 allow remote authenticated users to execute arbitrary code by uploading a file with an executable extension using (1) airline-edit.php, (2) hotel-image-add.php, or (3) hotel-add.php.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | Travelon Express CMS 6.2.2 - Multiple Vulnerabilities. CVE-2012-2938,CVE-2012-2939,CVE-2012-4281. Webapps exploit for php platform |
| file | exploits/php/webapps/18871.txt |
| id | EDB-ID:18871 |
| last seen | 2016-02-02 |
| modified | 2012-05-13 |
| platform | php |
| port | |
| published | 2012-05-13 |
| reporter | Vulnerability-Lab |
| source | https://www.exploit-db.com/download/18871/ |
| title | Travelon Express CMS 6.2.2 - Multiple Vulnerabilities |
| type | webapps |
References
- http://iel-sayed.blogspot.com/2012/05/travelon-express-cms-v622-multiple-web.html
- http://iel-sayed.blogspot.com/2012/05/travelon-express-cms-v622-multiple-web.html
- http://www.exploit-db.com/exploits/18871
- http://www.exploit-db.com/exploits/18871
- http://www.osvdb.org/81889
- http://www.osvdb.org/81889
- http://www.securityfocus.com/bid/53500
- http://www.securityfocus.com/bid/53500
- http://www.vulnerability-lab.com/get_content.php?id=530
- http://www.vulnerability-lab.com/get_content.php?id=530
- https://exchange.xforce.ibmcloud.com/vulnerabilities/75542
- https://exchange.xforce.ibmcloud.com/vulnerabilities/75542