Lucene search
MitreCVE-2008-6731HistoryApr 20, 2009 - 2:30 p.m.
CVE-2008-6731
2009-04-2014:30:00
CWE-20
mitre
web.nvd.nist.gov
27
cve-2008-6731
remote attackers
arbitrary php code
file upload
executable extension
security vulnerability
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.9
Confidence
Low
EPSS
0.054
Percentile
93.2%
Unrestricted file upload vulnerability in submitlink.php in FlexPHPLink Pro 0.0.7 allows remote attackers to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a direct request to the renamed file in linkphoto/.
Affected configurations
Node
china-on-siteflexphplinkMatch0.0.7pro
| Vendor | Product | Version | CPE |
|---|---|---|---|
| china-on-site | flexphplink | 0.0.7 | cpe:2.3:a:china-on-site:flexphplink:0.0.7:*:pro:*:*:*:*:* |
Related
nvd
nvd
CVE-2008-6731
2009-04-20 14:30:00
prion
prion
Unrestricted file upload
2009-04-20 14:30:00
cvelist
cvelist
CVE-2008-6731
2009-04-20 14:06:00
exploitdb
exploitdb
Flexphplink Pro - Arbitrary File Upload
2008-12-28 00:00:00
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.9
Confidence
Low
EPSS
0.054
Percentile
93.2%
Related for CVE-2008-6731