CVE-2015-3884
HIGH
qdPM 9.1 Authenticated Arbitrary PHP File Upload (RCE)
Title source: metasploit
Description
Unrestricted file upload vulnerability in the (1) myAccount, (2) projects, (3) tasks, (4) tickets, (5) discussions, (6) reports, and (7) scheduler pages in qdPM 8.3 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in uploads/attachments/ or uploads/users/.
Exploits (2)
metasploit
WORKING POC
EXCELLENT
by Rishal Dwivedi (Loginsoft), Leon Trappett (thepcn3rd), Giacomo Casoni · ruby, poc, php
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/qdpm_authenticated_rce.rb
metasploit
WORKING POC
EXCELLENT
by loneferret, sinn3r · ruby, poc, php
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/qdpm_upload_exec.rb
Scores
CVSS v3: 8.8
EPSS: 0.7292
EPSS Percentile: 98.8%
Attack Vector: NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE: CWE-434
Status: published
Products (1)
qdpm/qdpm < 9.1
Published: Mar 17, 2017
Tracked Since: Feb 18, 2026