Lucene search
MitreCVE-2008-3181HistoryJul 15, 2008 - 6:41 p.m.
CVE-2008-3181
2008-07-1518:41:00
CWE-20
mitre
web.nvd.nist.gov
31
vulnerability
file upload
contentnow cms
cve-2008-3181
nvd
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
7.3
Confidence
High
EPSS
0.007
Percentile
80.7%
Unrestricted file upload vulnerability in upload.php in ContentNow CMS 1.4.1 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in upload/.
Affected configurations
Node
content_nowcontent_nowMatch1.4.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| content_now | content_now | 1.4.1 | cpe:2.3:a:content_now:content_now:1.4.1:*:*:*:*:*:*:* |
Related
prion
prion
Unrestricted file upload
2008-07-15 18:41:00
cvelist
cvelist
CVE-2008-3181
2008-07-15 18:03:00
nvd
nvd
CVE-2008-3181
2008-07-15 18:41:00
exploitdb
exploitdb
ContentNow 1.4.1 - Arbitrary File Upload / Cross-Site Scripting
2008-07-06 00:00:00
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
7.3
Confidence
High
EPSS
0.007
Percentile
80.7%
Related for CVE-2008-3181