Lucene search
K

4 matches found

NVD
NVD
added 2014/12/12 12:59 a.m.14 views

CVE-2014-7260

The Server Side Includes SSI implementation in the File Upload BBS component in ULTRAPOP.JP i-HTTPD allows remote attackers to execute arbitrary commands by uploading files containing commands in SSI directives...

7.5CVSS7.6AI score0.02103EPSS
Exploits0References3
CVE
CVE
added 2014/12/12 12:0 a.m.46 views

CVE-2014-7260

CVE-2014-7260 affects ULTRAPOP.JP i-HTTPD's File Upload BBS, where the Server Side Includes (SSI) implementation processes directives in uploaded files. The root cause is SSI handling that allows remote attackers to execute arbitrary commands by uploading crafted files containing SSI directives. ...

7.5CVSS7.8AI score0.02103EPSS
Exploits0References3Affected Software1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2014/12/09 5:40 a.m.2 views

"File Upload BBS" of i-HTTPD vulnerable to remote command execution

Overview i-HTTPD is a web server for Windows, implementing Server Side Includes SSI. i-HTTPD contains "File Upload BBS". When "File Upload BBS" is activated, a user can upload files on the server, and i-HTTPD processes SSI directives in the uploaded files CWE-97. Yamagata of webappsec.jp reported...

7.5CVSS7AI score0.02103EPSS
Exploits0References5
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2014/12/09 12:0 a.m.38 views

JVN#16406395: "File Upload BBS" of i-HTTPD vulnerable to remote command execution

i-HTTPD is a web server for Windows, implementing Server Side Includes SSI. i-HTTPD contains "File Upload BBS". When "File Upload BBS" is activated, a user can upload files on the server, and i-HTTPD processes SSI directives in the uploaded files CWE-97. Impact An arbitrary command may be execute...

7.5CVSS6.8AI score0.02103EPSS
Exploits0
Rows per page
Query Builder