Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-1447


Vulnerability Score 6.8 6.8
CVE Id CVE-2009-1447
Last Modified 28 Apr 2009 12:00:00
Published 27 Apr 2009 03:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE



Unrestricted file upload vulnerability in admin/editor/image.php in Free Shopping Cart allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in images/.

Vulnerable Systems


  • E-cart Free Shopping Cart


XF - ecart-image-file-upload(49956)

BID - 34590

MILW0RM - 8474

SECUNIA - 34736

Last Updated: 27 May 2016 10:50:34