Description
Incomplete blacklist vulnerability in SuiteCRM 7.2.2 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension.
Remediation
References
Related Vulnerabilities
Oracle Database Server CVE-2014-6452 Vulnerability (CVE-2014-6452)
WordPress Plugin Captchinoo, Google recaptcha for admin login page Cross-Site Request Forgery (2.4)
WordPress Plugin iThemes Exchange:Simple WP Ecommerce Remote Code Execution (1.14.0)
WordPress Plugin User Rights Access Manager Security Bypass (1.0.3)