๐ Unrestricted file upload vulnerability
๐ก Newskategorie: Sicherheitslรผcken
๐ Quelle: portal.patchman.co
Utilizing this vulnerability, a form submitter could bypass Contact Form 7โs filename sanitization, and upload a file which could be executed as a script file on the host server.
This vulnerability affects the following application versions:
- Contact Form 7 3.5.3
- Contact Form 7 3.5.4
- Contact Form 7 3.6
- Contact Form 7 3.7
- Contact Form 7 3.7.1
- Contact Form 7 3.7.2
- Contact Form 7 3.8
- Contact Form 7 3.8.1
- Contact Form 7 3.9
- Contact Form 7 3.9.1
- Contact Form 7 3.9.2
- Contact Form 7 3.9.3
- Contact Form 7 3.9-beta
- Contact Form 7 4.0
- Contact Form 7 4.0.1
- Contact Form 7 4.0.2
- Contact Form 7 4.0.3
- Contact Form 7 4.1
- Contact Form 7 4.1.1
- Contact Form 7 4.1.2
- Contact Form 7 4.1-beta
- Contact Form 7 4.2
- Contact Form 7 4.2.1
- Contact Form 7 4.2.2
- Contact Form 7 4.2-beta
- Contact Form 7 4.3
- Contact Form 7 4.3.1
- Contact Form 7 4.4
- Contact Form 7 4.4.1
- Contact Form 7 4.4.2
- Contact Form 7 4.5
- Contact Form 7 4.5.1
- Contact Form 7 4.6
- Contact Form 7 4.6.1
- Contact Form 7 4.7
- Contact Form 7 4.8
- Contact Form 7 4.8.1
- Contact Form 7 4.9
- Contact Form 7 4.9.1
- Contact Form 7 4.9.2
- Contact Form 7 5.0
- Contact Form 7 5.0.1
- Contact Form 7 5.0.2
- Contact Form 7 5.0.3
- Contact Form 7 5.0.4
- Contact Form 7 5.0.5
- Contact Form 7 5.1
- Contact Form 7 5.1.1
- Contact Form 7 5.1.2
- Contact Form 7 5.1.3
- Contact Form 7 5.1.4
- Contact Form 7 5.1.5
- Contact Form 7 5.1.6
- Contact Form 7 5.1.7
- Contact Form 7 5.1.8
- Contact Form 7 5.1.9
- Contact Form 7 5.2
- Contact Form 7 5.2.1
- Contact Form 7 5.2.2
- Contact Form 7 5.3
- Contact Form 7 5.3.1