mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-20 20:34:40 +02:00
0xMarcio
874 B
874 B
CVE-2008-3362
Description
Unrestricted file upload vulnerability in upload.php in the Giulio Ganci Wp Downloads Manager module 0.2 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension via the upfile parameter, then accessing it via a direct request to the file in wp-content/plugins/downloads-manager/upload/.