Description
Incomplete blacklist vulnerability in SuiteCRM 7.2.2 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension.
Remediation
References
Related Vulnerabilities
Oracle Application Server Other Vulnerability (CVE-2001-1372)
WordPress Plugin WooCommerce Cross-Site Scripting (3.4.5)
Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-0213)
MediaWiki CVE-2022-28323 Vulnerability (CVE-2022-28323)
TYPO3 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2010-3663)