upload_file.pl in DCForum 2000 1.0 allows remote malicious users to upload arbitrary files without authentication by setting the az parameter to upload_file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dcscripts dcforum 5.0 |
||
dcscripts dcforum 6.0 |
||
dcscripts dcforum 2000 1.0 |
||
dcscripts dcforum 3.0 |
||
dcscripts dcforum 4.0 |
||
dcscripts dcforum 1.0 |
||
dcscripts dcforum 2.0 |