Unrestricted file upload vulnerability in upload-file.php in Adam Patterson Studio Lounge Address Book 2.5, as reachable from index2.php, allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in profiles/.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2009-04-29T18:06:00

Updated: 2024-08-07T05:13:25.812Z

Reserved: 2009-04-29T00:00:00

Link: CVE-2009-1483

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2009-04-29T18:30:00.390

Modified: 2024-11-21T01:02:33.960

Link: CVE-2009-1483

cve-icon Redhat

No data.