Description
Unrestricted file upload vulnerability in filesystem3.class.php in eFront 3.5.1 build 2710 and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable extension as an avatar, then accessing it via a direct request to the file in (1) student/avatars/ or (2) professor/avatars/.
Exploits (1)
References (6)
Core 6
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/54294
Patch vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/31491
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/496851/100/0/threaded
Patch x_refsource_confirm
http://forum.efrontlearning.net/viewtopic.php?f=1&t=271
Exploit, Third Party Advisory exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/6633
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/45574
Scores
EPSS
0.1037
EPSS Percentile
93.2%
Details
CWE
CWE-264
Status
published
Products (6)
efrontlearning/efront
3.1.0
efrontlearning/efront
3.1.2
efrontlearning/efront
3.1.3
efrontlearning/efront
3.1.4
efrontlearning/efront
3.5.0 (5 CPE variants)
efrontlearning/efront
< 3.5.1
Published
Aug 21, 2009
Tracked Since
Feb 18, 2026