Fecmall

fecmall

1 CVE • 1 product

Products (1)

Click to collapse

Toggle

Fecmall

fecmall

1 CVE

CVEs (1)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2019-17188 1Fecmall 1Fecmall Jun 17, 2026 Oct 4, 2019 N/A· v4 7.2 HIGH· v3 6.5 MEDIUM· v2 An unrestricted file upload vulnerability was discovered in catalog/productinfo/imageupload in Fecshop FecMall 2.3.4. An attacker can bypass a front-end restriction and upload PHP code to the webserver, by providing imag...Show more An unrestricted file upload vulnerability was discovered in catalog/productinfo/imageupload in Fecshop FecMall 2.3.4. An attacker can bypass a front-end restriction and upload PHP code to the webserver, by providing image data and the image/jpeg content type, with a .php extension. This occurs because the code relies on the getimagesize function.Show less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2019-17188

1Fecmall

Jun 17, 2026

Oct 4, 2019

N/A· v4

7.2 HIGH· v3

6.5 MEDIUM· v2

An unrestricted file upload vulnerability was discovered in catalog/productinfo/imageupload in Fecshop FecMall 2.3.4. An attacker can bypass a front-end restriction and upload PHP code to the webserver, by providing image data and the image/jpeg content type, with a .php extension. This occurs because the code relies on the getimagesize function.Show less