Lucene search

[email protected]CVE-2012-6509

HistoryOct 03, 2022 - 4:15 p.m.

CVE-2012-6509

2022-10-0316:15:28

[email protected]

web.nvd.nist.gov

cve

2012

6509

file upload

vulnerability

netart media car portal

remote attackers

arbitrary code

php

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

77.5%

JSON

Unrestricted file upload vulnerability in NetArt Media Car Portal 3.0 allows remote attackers to execute arbitrary PHP code by uploading a file a double extension, as demonstrated by .php%00.jpg.

Affected configurations

NVD

Node

netartmediacar_portalMatch3.0

CPENameOperatorVersion
netartmedia:car_portalnetartmedia car portaleq3.0

CPE	Name	Operator	Version
netartmedia:car_portal	netartmedia car portal	eq	3.0

References

packetstormsecurity.org/files/112226/Car-Portal-CMS-3.0-CSRF-XSS-Shell-Upload.html

www.securityfocus.com/bid/53267

www.vulnerability-lab.com/get_content.php?id=502

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

77.5%

JSON

Related for CVE-2012-6509

prion1 nvd1 cvelist1