Lucene search

PRIOn knowledge basePRION:CVE-2010-0996

HistoryApr 20, 2010 - 4:30 p.m.

Unrestricted file upload

2010-04-2016:30:00

PRIOn knowledge base

www.prio-n.com

7.7 High

AI Score

Confidence

Low

6 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

0.023 Low

EPSS

Percentile

89.3%

JSON

Unrestricted file upload vulnerability in e107 before 0.7.20 allows remote authenticated users to execute arbitrary code by uploading a .php.filetypesphp file. NOTE: the vendor disputes the significance of this issue, noting that “an odd set of preferences and a missing file” are required.

CPENameOperatorVersion
e107eq0.6175
e107eq5.3 beta
e107eq0.616
e107eq0.7.10
e107eq0.6174
e107eq5.05
e107eq0.615.97
e107eq0.7.7
e107eq5.21
e107eq0.7.13

Name	Operator	Version
e107	eq	0.6175
e107	eq	5.3 beta
e107	eq	0.616
e107	eq	0.7.10
e107	eq	0.6174
e107	eq	5.05
e107	eq	0.615.97
e107	eq	0.7.7
e107	eq	5.21
e107	eq	0.7.13

Rows per page:

1-10 of 661

References

e107.org/comment.php?comment.news.864

e107.org/svn_changelog.php?version=0.7.20

secunia.com/advisories/39013

secunia.com/secunia_research/2010-44/

www.securityfocus.com/archive/1/510805/100/0/threaded

www.securityfocus.com/bid/39540

www.vupen.com/english/advisories/2010/0919

exchange.xforce.ibmcloud.com/vulnerabilities/57932

7.7 High

AI Score

Confidence

Low

6 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

0.023 Low

EPSS

Percentile

89.3%

JSON

Related for PRION:CVE-2010-0996