Lucene search
HistoryJan 16, 2015 - 3:59 p.m.
CVE-2015-1059
cve-2015-1059
file upload
vulnerability
adaptcms
remote code execution
php
nvd
6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
7.4 High
AI Score
Confidence
Low
0.008 Low
EPSS
Percentile
81.7%
Unrestricted file upload vulnerability in admin/files/add in AdaptCMS 3.0.3 allows remote authenticated users to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via a direct request to the file in /app/webroot/uploads.
Affected configurations
Node
insanevisionsadaptcmsMatch3.0.3
| CPE | Name | Operator | Version |
|---|---|---|---|
| insanevisions:adaptcms | insanevisions adaptcms | eq | 3.0.3 |
Related
zeroscience
zeroscience
AdaptCMS 3.0.3 Remote Command Execution Exploit
2015-01-05 00:00:00
prion
prion
Unrestricted file upload
2015-01-16 15:59:00
nvd
nvd
CVE-2015-1059
2015-01-16 15:59:08
cvelist
cvelist
CVE-2015-1059
2015-01-16 15:00:00
6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
7.4 High
AI Score
Confidence
Low
0.008 Low
EPSS
Percentile
81.7%
Related for CVE-2015-1059