Unrestricted file upload vulnerability in banner-edit.php in OpenX adserver 2.8.1 and earlier allows remote authenticated users with banner / file upload permissions to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an images directory.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2009-11-28T11:00:00
Updated: 2018-10-10T18:57:01
Reserved: 2009-11-28T00:00:00
Link: CVE-2009-4098
JSON object: View
NVD Information
Status : Modified
Published: 2009-11-29T13:08:29.343
Modified: 2018-10-10T19:48:20.427
Link: CVE-2009-4098
JSON object: View
Redhat Information
No data.
CWE