Home > Content Management, File Inclusion > e107 Hupsi Share Plugin Arbitrary File Upload

e107 Hupsi Share Plugin Arbitrary File Upload

June 30th, 2012

Application: e107
Affected Version: version 1.1 and other versions.
Vendor’s URL: Hupsi Share Plugin
Bug Type: File Upload
Risk Level: Critical

Solution:
Restrict access to the e107_plugins/hupsi_share/inc/uploader/uploadify.php script (e.g. via .htaccess).

Content Management, File Inclusion

Comments are closed.