Fullrevolution » Aspwebcalendar2008 : Security Vulnerabilities, CVEs, (Code Execution)
Unrestricted file upload vulnerability in calendar_admin.asp in Full Revolution aspWebCalendar 2008 allows remote attackers to upload and execute arbitrary code via the FILE1 parameter in an uploadfileprocess action, probably followed by a direct request to the file in calendar/eventimages/.
Max CVSS
10.0
EPSS Score
2.15%
Published
2008-06-24
Updated
2017-09-29
1 vulnerabilities found