Description

Incomplete blacklist vulnerability in SuiteCRM 7.2.2 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension.

Remediation

References

CVE-2015-5946

Related Vulnerabilities

OpenSSL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-3193)

MySQL CVE-2016-0650 Vulnerability (CVE-2016-0650)

WordPress Plugin Coditor-Code Editor Security Bypass (1.1)

WordPress Plugin NextGEN Gallery-WordPress Gallery Privilege Escalation (3.2.2)

Liferay Portal Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-5327)

Severity

High

Classification

CVE-2015-5946 CWE-184 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities