Arbitrary File Upload Vulnerability in RUNCMS 1.1A and e-Xoops
CVE-2005-1031 · MEDIUM Severity
AV:N/AC:L/AU:N/C:N/I:P/A:N
RUNCMS 1.1A, and possibly other products based on e-Xoops (exoops), when "Allow custom avatar upload" is enabled, does not properly verify uploaded files, which allows remote attackers to upload arbitrary files.
Learn more about our Cms Pen Testing.