Lucene search
F5F5:K17156HistoryAug 20, 2015 - 12:00 a.m.
K17156 : PHP vulnerability CVE-2014-5298
2015-08-2000:00:00
my.f5.com
7
Security Advisory Description
FileUploadsFilter.php in X2Engine 4.1.7 and earlier, when running on case-insensitive file systems, allows remote attackers to bypass the upload blacklist and conduct unrestricted file upload attacks by uploading a file with an executable extension that contains uppercase letters, as demonstrated using a PHP program. (CVE-2014-5298)
Impact
There is no impact; F5 products are not affected by this vulnerability.
Related
cvelist
cvelist
CVE-2014-5298
2014-10-10 01:00:00
cve
cve
CVE-2014-5298
2014-10-10 01:55:11
securityvulns
securityvulns
packetstorm
packetstorm
X2Engine 4.1.7 Unrestricted File Upload
2014-09-23 00:00:00
f5
f5
SOL17156 - PHP vulnerability CVE-2014-5298
2015-08-20 00:00:00
prion
prion
Unrestricted file upload
2014-10-10 01:55:00
nvd
nvd
CVE-2014-5298
2014-10-10 01:55:11
zdt
zdt
X2Engine 4.1.7 PHP Object Injection / Unrestricted File Upload Vulnerabilies
2014-09-23 00:00:00
nessus
nessus
X2Engine < 4.2 Multiple Vulnerabilities
2015-02-23 00:00:00