edit.php in LabWiki 1.1 and earlier does not properly verify uploaded user files, which allows remote authenticated users to upload arbitrary PHP files via a PHP file with a .gif extension in the userfile parameter.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2017-10-23T18:00:00
Updated: 2024-08-07T00:01:51.774Z
Reserved: 2011-11-04T00:00:00
Link: CVE-2011-4334
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2017-10-23T18:29:00.337
Modified: 2017-10-25T11:57:51.070
Link: CVE-2011-4334
Redhat
No data.