Unrestricted file upload vulnerability in PHPStore Job Search (aka PHPCareers) allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as a resume photo, then accessing it via a direct request to the file in jobseekers/jobseeker_profile_images.
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2009-08-11T20:25:00

Updated: 2017-09-28T12:57:01

Reserved: 2009-08-11T00:00:00


Link: CVE-2008-6931

JSON object: View

cve-icon NVD Information

Status : Modified

Published: 2009-08-11T21:00:00.437

Modified: 2017-09-29T01:33:25.607


Link: CVE-2008-6931

JSON object: View

cve-icon Redhat Information

No data.

CWE