The setName function in filesystem/File.php in SilverStripe 2.3.x before 2.3.8 and 2.4.x before 2.4.1 allows remote authenticated users with CMS author privileges to execute arbitrary PHP code by changing the extension of an uploaded file.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 01:22
Type | Values Removed | Values Added |
---|---|---|
References | () http://dl.packetstormsecurity.net/1006-exploits/silverstripe-shell.txt - Exploit | |
References | () http://doc.silverstripe.org/sapphire/en/trunk/changelogs//2.3.8 - | |
References | () http://doc.silverstripe.org/sapphire/en/trunk/changelogs//2.4.1 - | |
References | () http://open.silverstripe.org/changeset/107273 - Patch | |
References | () http://open.silverstripe.org/ticket/5693 - | |
References | () http://www.openwall.com/lists/oss-security/2012/04/30/1 - | |
References | () http://www.openwall.com/lists/oss-security/2012/04/30/3 - | |
References | () http://www.openwall.com/lists/oss-security/2012/05/01/3 - |
Information
Published : 2012-08-26 18:55
Updated : 2024-11-21 01:22
NVD link : CVE-2010-5091
Mitre link : CVE-2010-5091
CVE.ORG link : CVE-2010-5091
JSON object : View
Products Affected
silverstripe
- silverstripe
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')