Lucene search

[email protected]NVD:CVE-2010-0996

HistoryApr 20, 2010 - 4:30 p.m.

CVE-2010-0996

2010-04-2016:30:00

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

AI Score

7.2

Confidence

Low

EPSS

0.02

Percentile

88.8%

JSON

Unrestricted file upload vulnerability in e107 before 0.7.20 allows remote authenticated users to execute arbitrary code by uploading a .php.filetypesphp file. NOTE: the vendor disputes the significance of this issue, noting that “an odd set of preferences and a missing file” are required.

Affected configurations

Nvd

Node

e107e107Range≤0.7.19

e107e107Match0.7

e107e107Match0.7.1

e107e107Match0.7.2

e107e107Match0.7.3

e107e107Match0.7.4

e107e107Match0.7.5

e107e107Match0.7.6

e107e107Match0.7.7

e107e107Match0.7.8

e107e107Match0.7.9

e107e107Match0.7.10

e107e107Match0.7.11

e107e107Match0.7.12

e107e107Match0.7.13

e107e107Match0.7.14

e107e107Match0.7.15

e107e107Match0.7.16

e107e107Match0.7.17

e107e107Match0.7.18

e107e107Match0.545

e107e107Match0.547beta

e107e107Match0.548beta

e107e107Match0.549beta

e107e107Match0.551beta

e107e107Match0.552beta

e107e107Match0.553beta

e107e107Match0.554

e107e107Match0.554beta

e107e107Match0.555beta

e107e107Match0.600

e107e107Match0.601

e107e107Match0.602

e107e107Match0.603

e107e107Match0.604

e107e107Match0.605

e107e107Match0.606

e107e107Match0.607

e107e107Match0.608

e107e107Match0.609

e107e107Match0.610

e107e107Match0.611

e107e107Match0.612

e107e107Match0.613

e107e107Match0.614

e107e107Match0.615

e107e107Match0.615a

e107e107Match0.616

e107e107Match0.617

e107e107Match0.6171

e107e107Match0.6172

e107e107Match0.6173

e107e107Match0.6174

e107e107Match0.6175

e107e107Match5.1

e107e107Match5.3beta

e107e107Match5.3beta2

e107e107Match5.04

e107e107Match5.4beta1

e107e107Match5.4beta2

e107e107Match5.4beta3

e107e107Match5.4beta4

e107e107Match5.4beta5

e107e107Match5.4beta6

e107e107Match5.05

e107e107Match5.21

VendorProductVersionCPE
e107e107*cpe:2.3:a:e107:e107:*:*:*:*:*:*:*:*
e107e1070.7cpe:2.3:a:e107:e107:0.7:*:*:*:*:*:*:*
e107e1070.7.1cpe:2.3:a:e107:e107:0.7.1:*:*:*:*:*:*:*
e107e1070.7.2cpe:2.3:a:e107:e107:0.7.2:*:*:*:*:*:*:*
e107e1070.7.3cpe:2.3:a:e107:e107:0.7.3:*:*:*:*:*:*:*
e107e1070.7.4cpe:2.3:a:e107:e107:0.7.4:*:*:*:*:*:*:*
e107e1070.7.5cpe:2.3:a:e107:e107:0.7.5:*:*:*:*:*:*:*
e107e1070.7.6cpe:2.3:a:e107:e107:0.7.6:*:*:*:*:*:*:*
e107e1070.7.7cpe:2.3:a:e107:e107:0.7.7:*:*:*:*:*:*:*
e107e1070.7.8cpe:2.3:a:e107:e107:0.7.8:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
e107	e107	*	cpe:2.3:a:e107:e107::::::::
e107	e107	0.7	cpe:2.3:a:e107:e107:0.7:::::::*
e107	e107	0.7.1	cpe:2.3:a:e107:e107:0.7.1:::::::*
e107	e107	0.7.2	cpe:2.3:a:e107:e107:0.7.2:::::::*
e107	e107	0.7.3	cpe:2.3:a:e107:e107:0.7.3:::::::*
e107	e107	0.7.4	cpe:2.3:a:e107:e107:0.7.4:::::::*
e107	e107	0.7.5	cpe:2.3:a:e107:e107:0.7.5:::::::*
e107	e107	0.7.6	cpe:2.3:a:e107:e107:0.7.6:::::::*
e107	e107	0.7.7	cpe:2.3:a:e107:e107:0.7.7:::::::*
e107	e107	0.7.8	cpe:2.3:a:e107:e107:0.7.8:::::::*