CVE-2008-6518

Unrestricted file upload vulnerability in the profile feature in VidiScript allows registered remote authenticated users to execute arbitrary code by uploading a PHP file as an Avatar, then accessing the avatar via a direct request.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:vidiscript:vidiscript:-:*:*:*:*:*:*:*

Information

Published : 2009-03-25 11:30

Updated : 2017-09-28 18:33


NVD link : CVE-2008-6518

Mitre link : CVE-2008-6518


JSON object : View

CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')

Advertisement

dedicated server usa

Products Affected

vidiscript

  • vidiscript