Lucene search

[email protected]CVE-2007-0972

HistoryFeb 16, 2007 - 1:28 a.m.

CVE-2007-0972

2007-02-1601:28:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

jupiter cms

file upload vulnerability

cve-2007-0972

nvd

7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.059 Low

EPSS

Percentile

93.3%

JSON

Unrestricted file upload vulnerability in modules/emoticons.php in Jupiter CMS 1.1.5 allows remote attackers to upload arbitrary files by modifying the HTTP request to send an image content type, and to omit is_guest and is_user parameters. NOTE: this issue might be related to CVE-2006-4875.

CPENameOperatorVersion
jupiter_cms:jupiter_cmsjupiter cmseq1.1.5

CPE	Name	Operator	Version
jupiter_cms:jupiter_cms	jupiter cms	eq	1.1.5

References

mgsdl.free.fr/advisories/12070214.txt

osvdb.org/33728

www.acid-root.new.fr/advisories/12070214.txt

www.securityfocus.com/archive/1/460076/100/0/threaded

www.securityfocus.com/archive/1/460100/100/0/threaded

www.securityfocus.com/bid/22560

exchange.xforce.ibmcloud.com/vulnerabilities/32517

www.exploit-db.com/exploits/3311

7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.059 Low

EPSS

Percentile

93.3%

JSON

Related for CVE-2007-0972

prion1 cve1 securityvulns1