[VIM] vendor ack/fix: 22793: CRE Loaded files.php Unauthenticated Arbitrary File Upload (fwd)
security curmudgeon
jericho at attrition.org
Fri Feb 3 19:51:19 EST 2006
---------- Forwarded message ----------
From: David M. Graham
To: moderators at osvdb.org
Date: Fri, 03 Feb 2006 11:25:18 -0600
Subject: [OSVDB Mods] [Change Request] 22793: CRE Loaded files.php
Unauthenticated Arbitrary File Upload
In regards to this issue, which affects several files in the HTMLarea install
in all releases of CRE Loaded 6 prior to 6.2 and including any copy of 6.15
downloaded before January 30th. We have released a patch to address this
exploit.
It is available at : http://creloaded.com/Downloads/d_op=getit/lid=172.html
Regards,
David M. Graham,
CRE Loaded Project Manager
Chain Reaction Works, Inc
More information about the VIM
mailing list