Filtered by vendor Fecmall
Subscriptions
Filtered by product Fecmall
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-17188 | 1 Fecmall | 1 Fecmall | 2024-11-21 | 7.2 High |
| An unrestricted file upload vulnerability was discovered in catalog/productinfo/imageupload in Fecshop FecMall 2.3.4. An attacker can bypass a front-end restriction and upload PHP code to the webserver, by providing image data and the image/jpeg content type, with a .php extension. This occurs because the code relies on the getimagesize function. | ||||
Page 1 of 1.