Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 3:14 a.m.10 views

CVE-2015-7309

The theme editor in Bolt before 2.2.5 does not check the file extension when renaming files, which allows remote authenticated users to execute arbitrary code by renaming a crafted file and then directly accessing it...

6.5CVSS7.5AI score0.38611EPSS
Exploits2References1
CBLMariner
CBLMariner
added 2025/01/12 9:15 a.m.39 views

CVE-2015-7309 affecting package bolt 0.9.2-2

CVE-2015-7309 affecting package bolt 0.9.2-2. This CVE either no longer is or was never applicable...

6.5CVSS7.5AI score0.38611EPSS
Exploits2
Rosalinux
Rosalinux
added 2021/07/02 4:34 p.m.51 views

Advisory ROSA-SA-2021-1809

Software: bolt 0.7 OS: Cobalt 7.9 CVE-ID: CVE-2015-7309 CVE-Crit: HIGH CVE-DESC: The theme editor in Bolt before 2.2.5 does not check the file extension when renaming files, allowing remote authenticated users to execute arbitrary code by renaming a created file and then directly accessing it...

8.8CVSS6.8AI score0.38611EPSS
Exploits12
CVE
CVE
added 2015/09/22 3:0 p.m.168 views

CVE-2015-7309

CVE-2015-7309 impacts Bolt CMS: the theme editor (pre-2.2.5) does not validate file extensions when renaming files, enabling remote authenticated users to execute arbitrary PHP code by renaming a crafted file and then directly accessing it. The vulnerability stems from the lack of extension check...

6.5CVSS7.4AI score0.38611EPSS
Exploits2References6Affected Software1
Cvelist
Cvelist
added 2015/09/22 3:0 p.m.26 views

CVE-2015-7309

The theme editor in Bolt before 2.2.5 does not check the file extension when renaming files, which allows remote authenticated users to execute arbitrary code by renaming a crafted file and then directly accessing it...

8.5AI score0.38611EPSS
Exploits2References6
Circl
Circl
added 2015/09/15 12:0 a.m.24 views

CVE-2015-7309

creationtimestamp| type| source ---|---|--- 2015-09-15 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/38196 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/boltfileupload.rb 2025-02-06 03:13:42+00:00| seen|...

6.5CVSS8.4AI score0.38611EPSS
Exploits2References2
Rows per page
Query Builder