Lucene search
K

4 matches found

NVD
NVD
added 2007/10/05 11:17 p.m.14 views

CVE-2007-5230

admin/uploadfiles.php in Zomplog 3.8.1 and earlier does not check for administrative credentials, which allows remote attackers to perform administrative actions via a direct request. NOTE: this can be leveraged for code execution by exploiting CVE-2007-5231...

7.5CVSS7.1AI score0.04663EPSS
Exploits0References3
Prion
Prion
added 2007/10/05 11:17 p.m.18 views

Design/Logic Flaw

admin/uploadfiles.php in Zomplog 3.8.1 and earlier does not check for administrative credentials, which allows remote attackers to perform administrative actions via a direct request. NOTE: this can be leveraged for code execution by exploiting CVE-2007-5231...

7.5CVSS7.5AI score0.04663EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2007/10/05 11:0 p.m.40 views

CVE-2007-5230

CVE-2007-5230 concerns Zomplog 3.8.1 and earlier where admin/upload_files.php does not require administrative credentials, enabling remote attackers to perform administrative actions via a direct request. This is linked to CVE-2007-5231, which describes an unrestricted file upload vulnerability i...

7.5CVSS7.1AI score0.04663EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2007/10/05 11:0 p.m.60 views

CVE-2007-5231

CVE-2007-5231 affects Zomplog prior to 3.8.1: an unrestricted file upload in admin/upload_files.php allows remote authenticated administrators to upload and execute arbitrary PHP files by sending a modified MIME type. Note that CVE-2007-5230 shows this can be leveraged for code execution and coul...

4.6CVSS7.1AI score0.01945EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder