VYPR
Unrated severityNVD Advisory· Published Sep 8, 2019· Updated Aug 5, 2024

CVE-2019-16113

CVE-2019-16113

Description

Bludit 3.9.2 allows remote code execution via bl-kernel/ajax/upload-images.php because PHP code can be entered with a .jpg file name, and then this PHP code can write other PHP code to a ../ pathname.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Bludit/Bluditdescription
  • Bludit/Bluditllm-fuzzy
    Range: = 3.9.2

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.