Arbitrary PHP File Upload and Execution in Exponent CMS 0.96.3 and Later Versions

Arbitrary PHP File Upload and Execution in Exponent CMS 0.96.3 and Later Versions

CVE-2005-3767 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

Exponent CMS 0.96.3 and later versions does not properly restrict the types of uploaded files, which allows remote attackers to upload and execute PHP files.

Learn more about our Cms Pen Testing.