FreeWebshop 'ajax_save_name.php' Remote Code Execution Vulnerability Network Vulnerability

Summary

FreeWebshop is prone to a remote code-execution vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting this issue will allow attackers to execute arbitrary code within the context of the affected application. FreeWebshop 2.2.9 R2 is vulnerable prior versions may also be affected.

References

http://www.freewebshop.org
http://www.securityfocus.com/bid/50694

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Adobe ColdFusion Information Disclosure Vulnerability
A-Blog 'sources/search.php' SQL Injection Vulnerability
ActivePerl perlIS.dll Buffer Overflow
Admbook PHP Code Injection Flaw
Adobe ColdFusion Authentication Bypass Vulnerability

Take action and discover your vulnerabilities