The BlogAPI module does not validate the extension of files that it is used to upload, enabling users with the "administer content with blog api" permission to upload harmful files. This module uploads an IMPACT agent, creates a php file to execute the agent and then makes a request to the file. The result is an IMPACT agent running on the webserver.
This update adds support for Solaris platforms.
This update adds support for Solaris platforms.
CVE Link
Exploit Type - Old
Exploits/Remote
Product Name