SecuritySpace - CVE-2013-3590

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2013-3590

Description: Unrestricted file upload vulnerability in admin/uploadImage.html in SearchBlox before 7.5 build 1 allows remote attackers to execute arbitrary code by uploading an executable file with the image/jpeg content type, and then accessing this file via unspecified vectors, as demonstrated by access to a JSP file.

Test IDs: None available

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2013-3590
CERT/CC vulnerability note: VU#592942
http://www.kb.cert.org/vuls/id/592942
http://buddhalabs.com/Advisories/WebAdvisories.html

CVE ID:	CVE-2013-3590
Description:	Unrestricted file upload vulnerability in admin/uploadImage.html in SearchBlox before 7.5 build 1 allows remote attackers to execute arbitrary code by uploading an executable file with the image/jpeg content type, and then accessing this file via unspecified vectors, as demonstrated by access to a JSP file.
Test IDs:	None available
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2013-3590 CERT/CC vulnerability note: VU#592942 http://www.kb.cert.org/vuls/id/592942 http://buddhalabs.com/Advisories/WebAdvisories.html