Main Vulnerability Database Exploits ID:3848 - Exploit for Arbitrary file upload in Frog CMS - CVE-2014-4912

ID:3848 - Exploit for Arbitrary file upload in Frog CMS - CVE-2014-4912

Published: August 9, 2020

Vulnerability identifier: #VU37378

Vulnerability risk: High

CVE-ID: CVE-2014-4912

CWE-ID: CWE-434

Exploitation vector: Remote access

Vulnerable software:
Frog CMS

Link to public exploit:

https://www.exploit-db.com/exploits/33983/

Vulnerability description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to insufficient validation of file extension when uploading files. A remote attacker can upload and execute arbitrary file on the system.

Remediation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

ID:3848 - Exploit for Arbitrary file upload in Frog CMS - CVE-2014-4912

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human