A Remote code execution vulnerability exists in DEXT5Upload in DEXT5 up to and including 2.7.1402870. An attacker can upload a PHP file via dext5handler.jsp handler because the uploaded file is stored under dext5uploadeddata/.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dext5 dext5 |