GetSimpleCMS 3.2.1 Arbitrary File Upload

Thread Rating:

0 Vote(s) - 0 Average
1
2
3
4
5

Thread Modes

GetSimpleCMS 3.2.1 Arbitrary File Upload

shawn_a Offline

Lead Developer

Posts: 6,266
Threads: 181
Joined: Sep 2011

2013-12-27, 01:03:39

Well this is an authenticated upload, not some public thing. Who would you be protecting against ?
We do not even have real multi user support, so not users.

Of course you can rename a file extension, it is like a giant no shit sherlock.

If you have front side uploads then security needs to be handled much different.

NEW: SA Admin Toolbar Plugin | View All My Plugins
- Shawn A aka Tablatronix

Website Find

« Next Oldest | Next Newest »

Messages In This Thread

GetSimpleCMS 3.2.1 Arbitrary File Upload - by D.O. - 2013-12-26, 08:11:55

RE: GetSimpleCMS 3.2.1 Arbitrary File Upload - by shawn_a - 2013-12-26, 14:13:43

RE: GetSimpleCMS 3.2.1 Arbitrary File Upload - by D.O. - 2013-12-26, 16:51:25

RE: GetSimpleCMS 3.2.1 Arbitrary File Upload - by shawn_a - 2013-12-27, 01:03:39

RE: GetSimpleCMS 3.2.1 Arbitrary File Upload - by D.O. - 2013-12-27, 01:43:22

View a Printable Version

Users browsing this thread: 2 Guest(s)

Login
Username:
Password:	Lost Password?
	Remember me