CVE-2018-10469

b3log Symphony (aka Sym) 2.6.0 allows remote attackers to upload and execute arbitrary JSP files via the name[] parameter to the /upload URI.
References
Link Resource
https://github.com/b3log/symphony/issues/620 Exploit Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:b3log:symphony:2.6.0:*:*:*:*:*:*:*

Information

Published : 2018-04-27 04:29

Updated : 2018-06-04 04:49


NVD link : CVE-2018-10469

Mitre link : CVE-2018-10469

Products Affected
No products.
CWE