Lucene search

[email protected]CVE-2007-4376

HistoryAug 16, 2007 - 6:17 p.m.

CVE-2007-4376

2007-08-1618:17:00

[email protected]

web.nvd.nist.gov

cve-2007-4376

unrestricted file upload

szymon kosok best top list

remote attackers

php files

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.5

Confidence

High

EPSS

0.016

Percentile

87.4%

JSON

Unrestricted file upload vulnerability in banner-upload.php in Szymon Kosok Best Top List allows remote attackers to upload and execute arbitrary PHP files in banners/.

Affected configurations

NVD

Node

szymon_kosokbest_top_listRange≤2.11

VendorProductVersionCPE
szymon_kosokbest_top_listcpe:/a:szymon_kosok:best_top_list::::

Vendor	Product	Version	CPE
szymon_kosok	best_top_list		cpe:/a:szymon_kosok:best_top_list::::

References

osvdb.org/46401

securityreason.com/securityalert/3019

www.securityfocus.com/archive/1/476258/100/100/threaded

www.securityfocus.com/bid/25293

exchange.xforce.ibmcloud.com/vulnerabilities/35979

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.5

Confidence

High

EPSS

0.016

Percentile

87.4%

JSON

Related for CVE-2007-4376

nvd1 cvelist1 prion1