CVE-2017-15962
CRITICALiStock Management System 1.0 - Unauthenticated Arbitrary File Upload via User Profile
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2017-15962. PoCs published by Ihsan Sencan.
AI-analyzed exploit summary This is a writeup describing an arbitrary file upload vulnerability in iStock Management System 1.0. It provides URLs for exploitation but lacks actual exploit code or payload details.
Description
iStock Management System 1.0 allows Arbitrary File Upload via user/profile.
Exploits (1)
exploitdb
WRITEUP
by Ihsan Sencan · textwebappsphp
https://www.exploit-db.com/exploits/43097
This is a writeup describing an arbitrary file upload vulnerability in iStock Management System 1.0. It provides URLs for exploitation but lacks actual exploit code or payload details.
Classification
Writeup 90%
Attack Type
Other
Complexity
Trivial
Reliability
Theoretical
Target:
iStock Management System 1.0
Auth required
Prerequisites:
Access to the user profile upload functionality
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry x_refsource_misc
https://packetstormsecurity.com/files/144433/iStock-Management-System-1.0-Arbitrary-File-Upload.html
Third Party Advisory, VDB Entry exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/43097/
Scores
CVSS v3
9.8
EPSS
0.0493
EPSS Percentile
91.0%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-434
Status
published
Products (1)
istock_management_system_project/istock_management_system
1.0
Published
Oct 29, 2017
Tracked Since
Feb 18, 2026