← Back

CVE-2014-0342

nvd nist
Published: Apr 15, 2014Modified: May 6, 2026

JSON object

Loading...
7.5
Vector
AV:N/AC:L/Au:N/C:P/I:P/A:P
Exploitability: 10.0 / Impact: 6.4
Source: NVD

Description

Multiple unrestricted file upload vulnerabilities in fileupload.php in PivotX before 2.3.9 allow remote authenticated users to execute arbitrary PHP code by uploading a file with a (1) .php or (2) .php# extension, and then accessing it via unspecified vectors.

Affected (18)

Products: Pivotx: Pivotx
Pivotx
1 product
Pivotx
Configuration A
18 vulnerable
Vulnerable SoftwareAffected Versions
Pivotx
Pivotx
Up to 2.3.8
Pivotx
Version 2.1.0
Pivotx
Version 2.1.1
Pivotx
Version 2.1.2
Pivotx
Version 2.2.0
Pivotx
Version 2.2.0 b1
Pivotx
Version 2.2.0 b2
Pivotx
Version 2.2.0 rc
Pivotx
Version 2.2.1
Pivotx
Version 2.2.2
Pivotx
Version 2.2.3
Pivotx
Version 2.2.5
Pivotx
Version 2.3.0
Pivotx
Version 2.3.2
Pivotx
Version 2.3.3
Pivotx
Version 2.3.5
Pivotx
Version 2.3.6
Pivotx
Version 2.3.7

References (8)

Source: cret@cert.org
Source: cret@cert.org
Source: cret@cert.org
Source: cret@cert.org
US Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
US Government Resource

Timeline

No history available yet.