Mega Upload upload.cgi Unspecified File List Issue
2004-10-26T06:49:00
ID OSVDB:11171 Type osvdb Reporter OSVDB Modified 2004-10-26T06:49:00
Description
Vulnerability Description
Mega Upload contains a flaw related to the way that the upload.cgi script qscript variable handles the list of uploaded files and may allow an attacker to perform an attack with an unknown impact. No further details have been provided.
Solution Description
Upgrade to version 1.45 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.
Short Description
Mega Upload contains a flaw related to the way that the upload.cgi script qscript variable handles the list of uploaded files and may allow an attacker to perform an attack with an unknown impact. No further details have been provided.
References:
Vendor URL: http://www.raditha.com/megaupload/
Vendor Specific News/Changelog Entry: http://www.raditha.com/blog/archives/000547.html
Vendor Specific News/Changelog Entry: http://sourceforge.net/project/shownotes.php?release_id=277989
Security Tracker: 1011960
Secunia Advisory ID:12993
Mail List Post: http://archives.neohapsis.com/archives/secunia/2004-q4/0281.html
ISS X-Force ID: 17882
CVE-2004-2743
Bugtraq ID: 11547
{"title": "Mega Upload upload.cgi Unspecified File List Issue", "published": "2004-10-26T06:49:00", "references": [], "type": "osvdb", "enchantments": {"score": {"value": 5.7, "vector": "NONE", "modified": "2017-04-28T13:20:06", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2004-2743"]}], "modified": "2017-04-28T13:20:06", "rev": 2}, "vulnersScore": 5.7}, "cvelist": ["CVE-2004-2743"], "viewCount": 0, "affectedSoftware": [{"version": "1.43", "name": "Mega Upload", "operator": "eq"}, {"version": "1.44", "name": "Mega Upload", "operator": "eq"}], "id": "OSVDB:11171", "modified": "2004-10-26T06:49:00", "href": "https://vulners.com/osvdb/OSVDB:11171", "edition": 1, "description": "## Vulnerability Description\nMega Upload contains a flaw related to the way that the upload.cgi script qscript variable handles the list of uploaded files and may allow an attacker to perform an attack with an unknown impact. No further details have been provided.\n## Solution Description\nUpgrade to version 1.45 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## Short Description\nMega Upload contains a flaw related to the way that the upload.cgi script qscript variable handles the list of uploaded files and may allow an attacker to perform an attack with an unknown impact. No further details have been provided.\n## References:\nVendor URL: http://www.raditha.com/megaupload/\nVendor Specific News/Changelog Entry: http://www.raditha.com/blog/archives/000547.html\nVendor Specific News/Changelog Entry: http://sourceforge.net/project/shownotes.php?release_id=277989\nSecurity Tracker: 1011960\n[Secunia Advisory ID:12993](https://secuniaresearch.flexerasoftware.com/advisories/12993/)\nMail List Post: http://archives.neohapsis.com/archives/secunia/2004-q4/0281.html\nISS X-Force ID: 17882\n[CVE-2004-2743](https://vulners.com/cve/CVE-2004-2743)\nBugtraq ID: 11547\n", "bulletinFamily": "software", "reporter": "OSVDB", "cvss": {"vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:NONE/", "score": 6.4}, "lastseen": "2017-04-28T13:20:06"}
