3.1.1.3

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

sharetronix

NVD

Published: 2014-06-13

Updated: 2024-11-21

Summary

Unrestricted file upload vulnerability in system/controllers/ajax/attachments.php in Sharetronix 3.1.1.3, 3.1.1, and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified directory.

Vulnerable Configurations

Part	Description	Count
Application	Sharetronix Sharetronix Sharetronix 3.1.1 Sharetronix Sharetronix 3.1.1.3	2

References

http://osvdb.org/100604
http://osvdb.org/100604
http://secunia.com/advisories/53936
http://secunia.com/advisories/53936
http://secunia.com/secunia_research/2013-9/
http://secunia.com/secunia_research/2013-9/
http://www.securityfocus.com/bid/64102
http://www.securityfocus.com/bid/64102
https://exchange.xforce.ibmcloud.com/vulnerabilities/89502
https://exchange.xforce.ibmcloud.com/vulnerabilities/89502