CVE-2012-6509

Netartmedia Car Portal - Unrestricted File Upload

Title source: rule

Description

Unrestricted file upload vulnerability in NetArt Media Car Portal 3.0 allows remote attackers to execute arbitrary PHP code by uploading a file a double extension, as demonstrated by .php%00.jpg.

Exploits (1)

exploitdb WRITEUP

webappsphp

https://www.exploit-db.com/exploits/18801

View Code ZIP pw:eip

References (3)

[Exploit] http://packetstormsecurity.org/files/112226/Car-Portal-CMS-3.0-CSRF-XSS-Shell-Upload.html

[Various Sources] http://www.vulnerability-lab.com/get_content.php?id=502

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/53267

Scores

EPSS 0.0489

EPSS Percentile 89.6%

Details

Status published

Products (1)

netartmedia/car_portal 3.0

Published Jan 24, 2013

Tracked Since Feb 18, 2026