Description

The setName function in filesystem/File.php in SilverStripe 2.3.x before 2.3.8 and 2.4.x before 2.4.1 allows remote authenticated users with CMS author privileges to execute arbitrary PHP code by changing the extension of an uploaded file.

Remediation

References

CVE-2010-5091

Related Vulnerabilities

WordPress Plugin Rockhoist Badges Cross-Site Scripting (1.2.2)

MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-6727)

MediaWiki Session Fixation Vulnerability (CVE-2013-4572)

WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Cross-Site Scripting (2.1.19)

WordPress Plugin Jock on air now Multiple Vulnerabilities (5.6.1)

Severity

Medium

Classification

CVE-2010-5091 CWE-94

Tags

Missing Update Known Vulnerabilities