The add artwork functionality in ARTWORKS GALLERY IN PHP, CSS, JAVASCRIPT, AND MYSQL 1.0 allows remote attackers to upload arbitrary files.
References
Link | Resource |
---|---|
https://code-projects.org/artworks-gallery-in-php-css-javascript-and-mysql-free-download/ | Product Vendor Advisory |
https://packetstormsecurity.com/files/160095/Artworks-Gallery-1.0-Shell-Upload.html | Exploit Third Party Advisory VDB Entry |
https://code-projects.org/artworks-gallery-in-php-css-javascript-and-mysql-free-download/ | Product Vendor Advisory |
https://packetstormsecurity.com/files/160095/Artworks-Gallery-1.0-Shell-Upload.html | Exploit Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 05:23
Type | Values Removed | Values Added |
---|---|---|
References | () https://code-projects.org/artworks-gallery-in-php-css-javascript-and-mysql-free-download/ - Product, Vendor Advisory | |
References | () https://packetstormsecurity.com/files/160095/Artworks-Gallery-1.0-Shell-Upload.html - Exploit, Third Party Advisory, VDB Entry |
Information
Published : 2020-11-17 14:15
Updated : 2024-11-21 05:23
NVD link : CVE-2020-28688
Mitre link : CVE-2020-28688
CVE.ORG link : CVE-2020-28688
JSON object : View
Products Affected
artworks_gallery_in_php\,_css\,_javascript\,_and_mysql_project
- artworks_gallery_in_php\,_css\,_javascript\,_and_mysql
CWE
CWE-434
Unrestricted Upload of File with Dangerous Type