Unrated severityNVD Advisory· Published Mar 25, 2008· Updated Apr 23, 2026

CVE-2008-1495

Description

Unrestricted file upload vulnerability in administrer/produits.php in PEEL, possibly 3.x and earlier, allows remote authenticated administrators to upload and execute arbitrary PHP files via a modified content type in an ajout action, as demonstrated by (1) image/gif and (2) application/pdf.

Affected products

Peel/Peel3 versions
cpe:2.3:a:peel:peel:1.0b:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:peel:peel:1.0b:*:*:*:*:*:*:*
- cpe:2.3:a:peel:peel:2.6:*:*:*:*:*:*:*
- cpe:2.3:a:peel:peel:2.7:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

realn.free.fr/releases/70207nvdExploit
www.securityfocus.com/bid/28346nvdExploit
secunia.com/advisories/29466nvdVendor Advisory
exchange.xforce.ibmcloud.com/vulnerabilities/41354nvd
www.exploit-db.com/exploits/5281nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.004
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000