Lucene search

PRIOn knowledge basePRION:CVE-2014-2042

HistoryApr 28, 2014 - 2:09 p.m.

Unrestricted file upload

2014-04-2814:09:00

PRIOn knowledge base

www.prio-n.com

7.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

80.7%

JSON

Unrestricted file upload vulnerability in the Manage Project functionality in Livetecs Timelive before 6.5.1 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in a predictable directory in Uploads/.

CPENameOperatorVersion
timelineeq4.3.1
timelineeq3.8.1
timelineeq4.9.1
timelineeq5.2.1
timelineeq6.2.4
timelineeq3.5.1
timelineeq3.6.1
timelineeq6.2.3
timelineeq3.7.1
timelineeq3.0.1

Name	Operator	Version
timeline	eq	4.3.1
timeline	eq	3.8.1
timeline	eq	4.9.1
timeline	eq	5.2.1
timeline	eq	6.2.4
timeline	eq	3.5.1
timeline	eq	3.6.1
timeline	eq	6.2.3
timeline	eq	3.7.1
timeline	eq	3.0.1

Rows per page:

1-10 of 241

References

seclists.org/fulldisclosure/2014/Apr/260

www.securityfocus.com/archive/1/531914/100/0/threaded

7.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.008 Low

EPSS

Percentile

80.7%

JSON

Related for PRION:CVE-2014-2042