Unrestricted upload of file with dangerous type in WallacePOS 1.4.3 allows a remote, authenticated attacker to execute arbitrary code by uploading a malicious PHP file.
References
Link Resource
https://www.tenable.com/security/research/tra-2019-37 Exploit Patch Third Party Advisory
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: tenable

Published: 2019-07-31T17:20:04

Updated: 2019-07-31T17:20:04

Reserved: 2019-01-03T00:00:00


Link: CVE-2019-3960

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2019-07-31T18:15:11.533

Modified: 2019-08-06T17:06:46.477


Link: CVE-2019-3960

JSON object: View

cve-icon Redhat Information

No data.

CWE