CVE-2014-0342

Publication date

2014-04-15 10:00:00

Family

certcc

State

PUBLISHED

Description

Multiple unrestricted file upload vulnerabilities in fileupload.php in PivotX before 2.3.9 allow remote authenticated users to execute arbitrary PHP code by uploading a file with a (1) .php or (2) .php# extension, and then accessing it via unspecified vectors.