Security Advisory

CVE-2010-1514

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2010-06-14 19:00:00

Last updated 2024-09-17 04:20:44

Assigner flexera

State PUBLISHED

Description

Unrestricted file upload vulnerability in TomatoCMS 2.0.6 and earlier allows remote authenticated users, with certain privileges, to execute arbitrary PHP code by uploading an image file, and then accessing it via a direct request to the file in an unspecified directory.

← Browse all CVEs View on cve.org ↗