Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
ClipBucket Unrestricted Upload of File with Dangerous Type Vulnerability - CVE-2018-7665 - Vulnerability Database
ClipBucket

ClipBucket Unrestricted Upload of File with Dangerous Type Vulnerability - CVE-2018-7665

Critical
Reference: CVE-2018-7665
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2018-7665
Title: ClipBucket Unrestricted Upload of File with Dangerous Type Vulnerability
Overview:

An issue was discovered in ClipBucket before 4.0.0 Release 4902. A malicious file can be uploaded via the name parameter to actions/beats_uploader.php or actions/photo_uploader.php or the coverPhoto parameter to edit_account.php.