Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-1447

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2009-1447
Last Modified 28 Apr 2009 12:00:00
Published 27 Apr 2009 03:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2009-1447

Summary

Unrestricted file upload vulnerability in admin/editor/image.php in e-cart.biz Free Shopping Cart allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in images/.

Vulnerable Systems

Application

  • E-cart Free Shopping Cart


References

XF - ecart-image-file-upload(49956)

BID - 34590

MILW0RM - 8474

SECUNIA - 34736


Last Updated: 27 May 2016 10:50:34