Arbitrary File Upload Vulnerability in ClipBucket

Arbitrary File Upload Vulnerability in ClipBucket

CVE-2018-7665 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

An issue was discovered in ClipBucket before 4.0.0 Release 4902. A malicious file can be uploaded via the name parameter to actions/beats_uploader.php or actions/photo_uploader.php, or the coverPhoto parameter to edit_account.php.

Learn more about our Web Application Penetration Testing UK.