CVSS2
Attack Vector: NETWORK
Attack Complexity: LOW
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence: Low
EPSS
Percentile: 83.0%
includes/editor/insert_image.php in Pivot 1.30 RC2 and earlier creates the authentication credentials from parameters, which allows remote attackers to obtain privileges and upload arbitrary files via modified (1) pass and (2) session parameters, and (3) pass and (4) userlevel indices of the (a) Pivot_Vars[] or (b) Users[] array parameters.
retrogod.altervista.org/pivot_130RC2_xpl.html
secunia.com/advisories/20962
securityreason.com/securityalert/1214
www.osvdb.org/27126
www.securityfocus.com/archive/1/439495/100/0/threaded
www.securityfocus.com/bid/18881
www.vupen.com/english/advisories/2006/2744
exchange.xforce.ibmcloud.com/vulnerabilities/27671