CVE-2012-6498 Information

Description

Unrestricted file upload vulnerability in index.php in Atomymaxsite 2.5 and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable extension then accessing it via a direct request to the file as exploited in the wild in October 2012.

Reference

http://thaicert.or.th/alerts/admin/2012/al2012ad025.html http://www.youtube.com/watch?v=CfvTCSS3LGY