Lucene search
MitreCVE-2008-6931HistoryAug 11, 2009 - 9:00 p.m.
CVE-2008-6931
2009-08-1121:00:00
CWE-264
mitre
web.nvd.nist.gov
23
cve-2008-6931
unrestricted file upload
phpstore job search
phpcareers
remote code execution
nvd
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
7.5
Confidence
Low
EPSS
0.008
Percentile
81.8%
Unrestricted file upload vulnerability in PHPStore Job Search (aka PHPCareers) allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as a resume photo, then accessing it via a direct request to the file in jobseekers/jobseeker_profile_images.
Affected configurations
Node
phpstorephpcareers
| Vendor | Product | Version | CPE |
|---|---|---|---|
| phpstore | phpcareers | * | cpe:2.3:a:phpstore:phpcareers:*:*:*:*:*:*:*:* |
Related
prion
prion
Unrestricted file upload
2009-08-11 21:00:00
nvd
nvd
CVE-2008-6931
2009-08-11 21:00:00
exploitdb
exploitdb
PHPStore PHP Job Search Script - Arbitrary File Upload
2008-11-10 00:00:00
cvelist
cvelist
CVE-2008-6931
2009-08-11 20:25:00
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
7.5
Confidence
Low
EPSS
0.008
Percentile
81.8%
Related for CVE-2008-6931