Lucene search

K
cve[email protected]CVE-2007-6650
HistoryJan 04, 2008 - 11:46 a.m.

CVE-2007-6650

2008-01-0411:46:00
CWE-264
web.nvd.nist.gov
17
cve-2007-6650
unrestricted file upload
vulnerability
bitweaver r2 cms
remote attackers

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.9 Medium

AI Score

Confidence

High

0.018 Low

EPSS

Percentile

88.4%

Unrestricted file upload vulnerability in fisheye/upload.php in Bitweaver R2 CMS allows remote attackers to upload arbitrary files by using the image/gif content type, and possibly other image and PDF content types, as demonstrated by uploading a .htaccess file.

Affected configurations

NVD
Node
bitweaverr2_cms
CPENameOperatorVersion
bitweaver:r2_cmsbitweaver r2 cmseq*

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.9 Medium

AI Score

Confidence

High

0.018 Low

EPSS

Percentile

88.4%

Related for CVE-2007-6650