Unrated severityNVD Advisory· Published Nov 25, 2008· Updated Apr 23, 2026
CVE-2008-5220
CVE-2008-5220
Description
Unrestricted file upload vulnerability in admin/upload_form.php in wPortfolio 0.3 and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in admin/tmp/.
Affected products
2cpe:2.3:a:wportfolio:wportfolio:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:wportfolio:wportfolio:*:*:*:*:*:*:*:*range: <=0.3
- cpe:2.3:a:wportfolio:wportfolio:0.2:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4News mentions
0No linked articles in our index yet.