AtomCMS - SQL Injection / Arbitrary File Upload
| EKU-ID: 43590 | CVE: CVE-2014-4852;OSVDB-108788 | OSVDB-ID: |
| Author: Jagriti Sahu | Published: 2014-07-07 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 43590 | CVE: CVE-2014-4852;OSVDB-108788 | OSVDB-ID: |
| Author: Jagriti Sahu | Published: 2014-07-07 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/68437/info AtomCMS is prone to an SQL-injection vulnerability and an arbitrary file-upload vulnerability. Exploiting these issues could allow an attacker to upload arbitrary files, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. http://www.example.com/acms/admin/uploads.php?id=1