Security Advisory

CVE-2019-6289

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-01-15 06:00:00

Last updated 2024-08-04 20:16:24

Assigner mitre

State PUBLISHED

Description

uploads/include/dialog/select_soft.php in DedeCMS V57_UTF8_SP2 allows remote attackers to execute arbitrary PHP code by uploading with a safe file extension and then renaming with a mixed-case variation of the .php extension, as demonstrated by the 1.pHP filename.

← Browse all CVEs View on cve.org ↗