Ydvmtzv

1 exploit Active since Jun 2012
CVE-2012-3576 NOMISEC WORKING POC
wpStoreCart < 2.5.30 - Unauthenticated Arbitrary File Upload and Remote Code Execution via upload.php
Unrestricted file upload vulnerability in php/upload.php in the wpStoreCart plugin before 2.5.30 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in uploads/wpstorecart.