CVE

Id
59136  
CVE No.
CVE-2012-5893  
Status
Candidate  
Description
Unrestricted file upload vulnerability in hava_upload.php in Havalite CMS 1.1.0 and earlier allows remote attackers to execute arbitrary code by uploading a file with a .php;.gif extension, then accessing it via a direct request to the file in tmp/files/.  
Phase
Assigned (20121117)  
Votes
None (candidate not yet proposed)  
Comments