Lucene search
MitreCVE-2015-6967HistorySep 16, 2015 - 2:59 p.m.
CVE-2015-6967
2015-09-1614:59:09
mitre
web.nvd.nist.gov
43
2
cve
2015
6967
vulnerability
file upload
nibbleblog
remote code execution
security
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
7.9
Confidence
Low
EPSS
0.075
Percentile
94.2%
Unrestricted file upload vulnerability in the My Image plugin in Nibbleblog before 4.0.5 allows remote administrators to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in content/private/plugins/my_image/image.php.
Affected configurations
Node
nibbleblognibbleblogRange≤4.0.4
| Vendor | Product | Version | CPE |
|---|---|---|---|
| nibbleblog | nibbleblog | * | cpe:2.3:a:nibbleblog:nibbleblog:*:*:*:*:*:*:*:* |
References
Social References
More
Related
prion
prion
Unrestricted file upload
2015-09-16 14:59:00
cvelist
cvelist
CVE-2015-6967
2015-09-16 14:00:00
metasploit
metasploit
Nibbleblog File Upload Vulnerability
2015-09-10 00:05:36
exploitdb
exploitdb
Nibbleblog 4.0.3 - Arbitrary File Upload (Metasploit)
2015-10-19 00:00:00
nvd
nvd
CVE-2015-6967
2015-09-16 14:59:09
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
7.9
Confidence
Low
EPSS
0.075
Percentile
94.2%
Related for CVE-2015-6967