Lucene search
HistoryOct 03, 2014 - 2:55 p.m.
CVE-2014-6298
cve-2014-6298
unrestricted file upload
vulnerability
mm_forum
typo3
code execution
nvd
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8 High
AI Score
Confidence
Low
0.009 Low
EPSS
Percentile
82.4%
Unrestricted file upload vulnerability in the mm_forum extension before 1.9.3 for TYPO3 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via unspecified vectors.
Affected configurations
Node
mm_forum_projectmm_forumRange≤1.9.2typo3
ORmm_forum_projectmm_forumMatch0.1.0typo3
ORmm_forum_projectmm_forumMatch0.1.1typo3
ORmm_forum_projectmm_forumMatch0.1.2typo3
ORmm_forum_projectmm_forumMatch0.1.3typo3
ORmm_forum_projectmm_forumMatch0.1.4typo3
ORmm_forum_projectmm_forumMatch0.1.5typo3
ORmm_forum_projectmm_forumMatch0.1.6typo3
ORmm_forum_projectmm_forumMatch0.1.7typo3
ORmm_forum_projectmm_forumMatch0.1.8typo3
ORmm_forum_projectmm_forumMatch1.8.1typo3
ORmm_forum_projectmm_forumMatch1.8.2typo3
ORmm_forum_projectmm_forumMatch1.8.3typo3
ORmm_forum_projectmm_forumMatch1.9.0typo3
ORmm_forum_projectmm_forumMatch1.9.1typo3
Related
nvd
nvd
CVE-2014-6298
2014-10-03 14:55:09
prion
prion
Unrestricted file upload
2014-10-03 14:55:00
cvelist
cvelist
CVE-2014-6298
2014-10-03 14:00:00
typo3
typo3
Several vulnerabilities in extension mm_forum (mm_forum)
2014-02-12 00:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
8 High
AI Score
Confidence
Low
0.009 Low
EPSS
Percentile
82.4%
Related for CVE-2014-6298