CVE-2007-5231 - CERT CVE
ID CVE-2007-5231
Sažetak Unrestricted file upload vulnerability in admin/upload_files.php in Zomplog 3.8.1 and earlier allows remote authenticated administrators to upload and execute arbitrary .php files by sending a modified MIME type. NOTE: this can be exploited by unauthenticated attackers by leveraging CVE-2007-5230.
Reference
CVSS
Base: 4.6
Impact: 6.4
Exploitability:3.9
Pristup
VektorSloženostAutentikacija
NETWORK HIGH SINGLE
Impact
PovjerljivostCjelovitostDostupnost
PARTIAL PARTIAL PARTIAL
CVSS vektor AV:N/AC:H/Au:S/C:P/I:P/A:P
Zadnje važnije ažuriranje 19-10-2017 - 01:30
Objavljeno 05-10-2007 - 23:17