Unrestricted file upload vulnerability in Pulse CMS Basic 1.2.2 and 1.2.3, and possibly Pulse Pro prior to 1.3.2, allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified directory.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
pulsecms pulse cms 1.2.2 |
||
pulsecms pulse cms 1.2.3 |
||
pulsecms pulse cms 1.3.2 |