Lucene search
MitreCVE-2008-6518HistoryMar 25, 2009 - 6:30 p.m.
CVE-2008-6518
2009-03-2518:30:00
CWE-94
mitre
web.nvd.nist.gov
31
cve-2008-6518
unrestricted file upload
vidiscript
remote authenticated users
arbitrary code
security vulnerability
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
7.6
Confidence
Low
EPSS
0.007
Percentile
80.5%
Unrestricted file upload vulnerability in the profile feature in VidiScript allows registered remote authenticated users to execute arbitrary code by uploading a PHP file as an Avatar, then accessing the avatar via a direct request.
Affected configurations
Node
vidiscriptvidiscriptMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| vidiscript | vidiscript | - | cpe:2.3:a:vidiscript:vidiscript:-:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2008-6518
2009-03-25 18:00:00
exploitdb
exploitdb
VidiScript (Avatar) - Arbitrary File Upload
2008-08-18 00:00:00
nvd
nvd
CVE-2008-6518
2009-03-25 18:30:00
prion
prion
Unrestricted file upload
2009-03-25 18:30:00
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
7.6
Confidence
Low
EPSS
0.007
Percentile
80.5%
Related for CVE-2008-6518