Lucene search
MitreCVE-2008-1790HistoryApr 15, 2008 - 5:05 p.m.
CVE-2008-1790
2008-04-1517:05:00
CWE-264
mitre
web.nvd.nist.gov
18
cve-2008-1790
file upload vulnerability
iscripts socialware
unrestricted file upload
remote exploitation
sql injection vulnerability
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
7.2
Confidence
Low
EPSS
0.004
Percentile
72.2%
Unrestricted file upload vulnerability in iScripts SocialWare allows remote authenticated administrators to upload arbitrary files via a crafted logo file in the “Manage Settings” functionality. NOTE: remote exploitation is facilitated by a separate SQL injection vulnerability.
Affected configurations
Node
iscriptssocialware
| Vendor | Product | Version | CPE |
|---|---|---|---|
| iscripts | socialware | * | cpe:2.3:a:iscripts:socialware:*:*:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2008-1790
2008-04-15 17:05:00
prion
prion
Unrestricted file upload
2008-04-15 17:05:00
cvelist
cvelist
CVE-2008-1790
2008-04-15 17:00:00
exploitdb
exploitdb
iScripts Socialware - 'id' SQL Injection
2008-04-07 00:00:00
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
7.2
Confidence
Low
EPSS
0.004
Percentile
72.2%
Related for CVE-2008-1790