Lucene search
HistoryFeb 06, 2007 - 2:28 a.m.
CVE-2007-0764
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
7
Confidence
Low
EPSS
0.004
Percentile
73.6%
Unrestricted file upload vulnerability in F3Site 2.1 and earlier allows remote authenticated administrators to upload and execute arbitrary PHP scripts via GIF86 header in a file in the uplf parameter, which can be later accessed via a relative pathname in the dir parameter in adm.php.
Affected configurations
Node
f3sitef3siteMatch2.1
Related
cve
cve
CVE-2007-0764
2007-02-06 02:28:00
prion
prion
Unrestricted file upload
2007-02-06 02:28:00
cvelist
cvelist
CVE-2007-0764
2007-02-06 02:00:00
exploitdb
exploitdb
F3Site 2.1 - Remote Code Execution
2007-02-02 00:00:00
securityvulns
securityvulns
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
7
Confidence
Low
EPSS
0.004
Percentile
73.6%
Related for NVD:CVE-2007-0764