Lucene search
HistoryApr 24, 2007 - 5:19 p.m.
CVE-2007-2182
cve-2007-2182
unrestricted file upload
vulnerability
forum_write.php
maran php forum
remote attackers
php files
%00
filename
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.4 High
AI Score
Confidence
High
0.054 Low
EPSS
Percentile
93.2%
Unrestricted file upload vulnerability in forum_write.php in Maran PHP Forum allows remote attackers to upload and execute arbitrary PHP files via a trailing %00 in a filename in the page parameter.
Affected configurations
Node
maranphp_forum
| CPE | Name | Operator | Version |
|---|---|---|---|
| maran:php_forum | maran php forum | eq | * |
Related
prion
prion
Unrestricted file upload
2007-04-24 17:19:00
cvelist
cvelist
CVE-2007-2182
2007-04-24 17:00:00
nvd
nvd
CVE-2007-2182
2007-04-24 17:19:00
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.4 High
AI Score
Confidence
High
0.054 Low
EPSS
Percentile
93.2%
Related for CVE-2007-2182