Arbitrary File Upload Vulnerability in Vanguard Marketplace Digital Products PHP 1.4
CVE-2017-17874 · MEDIUM Severity
AV:N/AC:L/AU:S/C:P/I:P/A:P
Vanguard Marketplace Digital Products PHP 1.4 allows arbitrary file upload via an "Add a new product" or "Add a product preview" action, which can make a .php file accessible under a uploads/ URI.
Learn more about our Web Application Penetration Testing UK.