Lucene search

K
cve[email protected]CVE-2008-6207
HistoryFeb 20, 2009 - 1:30 a.m.

CVE-2008-6207

2009-02-2001:30:05
CWE-20
web.nvd.nist.gov
23
cve-2008-6207
unrestricted file upload
phpg upload
arbitrary code execution
security vulnerability

7.3 High

AI Score

Confidence

High

8.5 High

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

0.004 Low

EPSS

Percentile

72.1%

Unrestricted file upload vulnerability in form_upload.php in PHPG Upload 1.0 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Affected configurations

NVD
Node
phpg_uploadphpg_uploadMatch1.0

7.3 High

AI Score

Confidence

High

8.5 High

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

0.004 Low

EPSS

Percentile

72.1%

Related for CVE-2008-6207