|
|
F3Site CVE-2007-0764 File-Upload Vulnerability
F3Site is prone to a file-upload vulnerability. Unrestricted file upload vulnerability in F3Site 2.1 and earlier allows remote authenticated administrators to upload and execute arbitrary PHP scripts via GIF86 header in a file in the uplf parameter, which can be later accessed via a relative pathname in the dir parameter in adm.php. |
|
Privacy Statement |