Adobe Stock API integration 4.8 Unrestricted Upload of File with Dangerous Type Vulnerability

Summary

Reset/modules/advanced_form_maker_edit/multiupload/upload.php in the RESET.PRO Adobe Stock API integration 4.8.

Credit:

The information has been provided by Andrea Iodice

The original article can be found at:https://ia-informatica.com/it/CVE-2019-19595


Details

PrestaShop allows remote attackers to execute arbitrary code by uploading a .php file.

 

Vulnerable Systems:

Adobe Stock API integration 4.8

 

CVE Information:

CVE-2019-19595

 

Disclosure Timeline:
Published Date:12/5/2019

Categories: FeaturedNews