The file_manager component in eFront CMS prior to 3.6.15.5 allows remote authenticated users to bypass intended file-upload restrictions by appending a crafted parameter to the file URL.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
efrontlearning efront |