mirror of
https://github.com/0xMarcio/cve.git
synced 2026-03-30 00:40:29 +02:00
838 B
838 B
CVE-2014-5298
Description
FileUploadsFilter.php in X2Engine 4.1.7 and earlier, when running on case-insensitive file systems, allows remote attackers to bypass the upload blacklist and conduct unrestricted file upload attacks by uploading a file with an executable extension that contains uppercase letters, as demonstrated using a PHP program.
POC
Reference
Github
No PoCs found on GitHub currently.