Lucene search
HistoryAug 30, 2005 - 11:45 a.m.
CVE-2005-2733
simple php blog
sphpblog
upload_img_cgi.php
remote code execution
file extensions
security vulnerability
7.6 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.917 High
EPSS
Percentile
98.9%
upload_img_cgi.php in Simple PHP Blog (SPHPBlog) does not properly restrict file extensions of uploaded files, which could allow remote attackers to execute arbitrary code.
| CPE | Name | Operator | Version |
|---|---|---|---|
| alexander_palmo:simple_php_blog | alexander palmo simple php blog | eq | 0.4.0 |
Related
packetstorm
packetstorm
Simple PHP Blog 0.4.0 Command Execution
2009-10-30 00:00:00
cvelist
cvelist
CVE-2005-2733
2005-08-29 04:00:00
CVE-2007-5071
2007-09-24 23:00:00
cve
cve
CVE-2007-5071
2007-09-24 23:17:00
nessus
nessus
Simple PHP Blog <= 0.4.0 Multiple Vulnerabilities
2005-08-27 00:00:00
prion
prion
Design/Logic Flaw
2007-09-24 23:17:00
7.6 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.917 High
EPSS
Percentile
98.9%
Related for CVE-2005-2733