Vulnerability Description
A file-rename filter bypass exists in admin/media/rename.php in WBCE CMS 1.4.0 and earlier. This can be exploited by an authenticated user with admin privileges to rename a media filename and extension. (For example: place PHP code in a .jpg file, and then change the file's base name to filename.ph and change the file's extension to p. Because of concatenation, the name is then treated as filename.php.) At the result, remote attackers can execute arbitrary PHP code.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Wbce | Wbce Cms | <= 1.4.0 |
Related Weaknesses (CWE)
References
- https://github.com/kbgsft/vuln-wbce/wiki/Arbitrary-file-upload-vulnerbility-in-WExploitThird Party Advisory
- https://github.com/kbgsft/vuln-wbce/wiki/Arbitrary-file-upload-vulnerbility-in-WExploitThird Party Advisory
FAQ
What is CVE-2019-17575?
CVE-2019-17575 is a vulnerability with a CVSS score of 7.2 (HIGH). A file-rename filter bypass exists in admin/media/rename.php in WBCE CMS 1.4.0 and earlier. This can be exploited by an authenticated user with admin privileges to rename a media filename and extensio...
How severe is CVE-2019-17575?
CVE-2019-17575 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-17575?
Check the references section above for vendor advisories and patch information. Affected products include: Wbce Wbce Cms.