Lucene search
MitreCVE-2008-7076HistoryAug 25, 2009 - 10:30 a.m.
CVE-2008-7076
2009-08-2510:30:00
CWE-264
mitre
web.nvd.nist.gov
24
cve-2008-7076
file upload
vulnerability
kalptaru infotech ltd.
star articles 6.0
remote code execution
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
7.5
Confidence
Low
EPSS
0.008
Percentile
81.2%
Unrestricted file upload vulnerability in user.modify.profile.php in Kalptaru Infotech Ltd. Star Articles 6.0 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as a profile photo, then accessing it via a direct request to the file in authorphoto/.
Affected configurations
Node
kalptaru_infotechstararticlesMatch6.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| kalptaru_infotech | stararticles | 6.0 | cpe:2.3:a:kalptaru_infotech:stararticles:6.0:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2008-7076
2009-08-25 10:00:00
prion
prion
Unrestricted file upload
2009-08-25 10:30:00
exploitdb
exploitdb
Star Articles 6.0 - Arbitrary File Upload
2008-11-27 00:00:00
nvd
nvd
CVE-2008-7076
2009-08-25 10:30:00
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
7.5
Confidence
Low
EPSS
0.008
Percentile
81.2%
Related for CVE-2008-7076