CVE-2015-4606 in Job Fair Extension
摘要 (英语)
Unrestricted file upload vulnerability in the Job Fair (jobfair) extension before 1.0.1 for TYPO3, when using Apache with mod_mime, allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in the extension upload folder.
If you want to get best quality of vulnerability data, you may have to visit VulDB.
预定
2015-06-16
披露
2015-06-16
状态
已确认
条目
VulDB provides additional information and datapoints for this CVE:
| 标识符 | 漏洞 | CWE | 可利用 | 对策 | CVE |
|---|---|---|---|---|---|
| 75958 | Job Fair Extension File Upload 权限提升 | 434 | 未定义 | 官方修复 | CVE-2015-4606 |