1. Home
  2. CVEs with refmap.fulldisc==20150925 CVE-2015-5074 - Arbitrary File Upload In X2Engine Inc. X2Engine
Max CVSS 7.5 Min CVSS 7.5 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2015-5074 7.5
Incomplete blacklist vulnerability in the FileUploadsFilter class in protected/components/filters/FileUploadsFilter.php in X2Engine X2CRM before 5.0.9 allows remote authenticated users to execute arbitrary PHP code by uploading a file with a .pht ext
09-10-2018 - 19:57 29-09-2015 - 19:59
Back to Top Mark selected
Back to Top