Lucene search
JpcertCVE-2015-7773HistoryNov 20, 2015 - 3:59 a.m.
CVE-2015-7773
2015-11-2003:59:02
jpcert
web.nvd.nist.gov
26
cve-2015-7773
unrestricted file upload
bastian allgeier kirby
nvd
security vulnerability
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
7.4
Confidence
Low
EPSS
0.003
Percentile
68.6%
Unrestricted file upload vulnerability in the Panel component in Bastian Allgeier Kirby before 2.1.2 allows remote authenticated users to execute arbitrary PHP code by uploading a file that lacks an extension, and then renaming this file to have a .php extension.
Affected configurations
Node
bastian_allgeierkirbyRange≤2.1.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| bastian_allgeier | kirby | * | cpe:2.3:a:bastian_allgeier:kirby:*:*:*:*:*:*:*:* |
Related
jvn
jvn
JVN#34780384: Kirby vulnerable to arbitrary file creation
2015-11-17 00:00:00
prion
prion
Unrestricted file upload
2015-11-20 03:59:00
cvelist
cvelist
CVE-2015-7773
2015-11-20 02:00:00
nvd
nvd
CVE-2015-7773
2015-11-20 03:59:02
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
7.4
Confidence
Low
EPSS
0.003
Percentile
68.6%
Related for CVE-2015-7773