Lucene search
MitreCVE-2008-1958HistoryApr 25, 2008 - 7:05 p.m.
CVE-2008-1958
2008-04-2519:05:00
CWE-94
mitre
web.nvd.nist.gov
20
cve-2008-1958
file upload vulnerability
tr script news 2.1
remote code execution
nvd
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
7.3
Confidence
High
EPSS
0.006
Percentile
78.1%
Unrestricted file upload vulnerability in the ajout_cat mode in admin/main.php in Tr Script News 2.1 allows remote authenticated users to execute arbitrary code by uploading a file with a .php extension.
Affected configurations
Node
easyscriptstr_script_newsMatch2.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| easyscripts | tr_script_news | 2.1 | cpe:2.3:a:easyscripts:tr_script_news:2.1:*:*:*:*:*:*:* |
Related
prion
prion
Unrestricted file upload
2008-04-25 19:05:00
cvelist
cvelist
CVE-2008-1958
2008-04-25 14:00:00
nvd
nvd
CVE-2008-1958
2008-04-25 19:05:00
exploitdb
exploitdb
TR News 2.1 - 'nb' SQL Injection
2008-04-21 00:00:00
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
7.3
Confidence
High
EPSS
0.006
Percentile
78.1%
Related for CVE-2008-1958