Search Results | AttackerKB

Show filters

Clear All

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

1 Total Results

Displaying 1-1 of 1

Attacker Value

Very High

Bludit 3.9.2 remote code execution

Disclosure Date: September 08, 2019 (last updated October 06, 2023)

Bludit 3.9.2 allows remote code execution via bl-kernel/ajax/upload-images.php because PHP code can be entered with a .jpg file name, and then this PHP code can write other PHP code to a ../ pathname.

1 Total Results

Displaying 1-1 of 1

Very High

Bludit 3.9.2 remote code execution

Quick Cookie Notification