Lucene search
MitreCVE-2009-4817HistoryApr 27, 2010 - 3:30 p.m.
CVE-2009-4817
2010-04-2715:30:00
mitre
web.nvd.nist.gov
21
cve-2009-4817
file upload vulnerability
remote code execution
element-it ultimate uploader 1.3
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.9
Confidence
Low
EPSS
0.035
Percentile
91.6%
Unrestricted file upload vulnerability in Element-IT Ultimate Uploader 1.3 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in upload/.
Affected configurations
Node
element-itultimate_uploaderMatch1.3.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| element-it | ultimate_uploader | 1.3.0 | cpe:2.3:a:element-it:ultimate_uploader:1.3.0:*:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2009-4817
2010-04-27 15:30:00
prion
prion
Unrestricted file upload
2010-04-27 15:30:00
cvelist
cvelist
CVE-2009-4817
2010-04-27 15:00:00
exploitdb
exploitdb
Ultimate Uploader 1.3 - Arbitrary File Upload
2009-12-21 00:00:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.9
Confidence
Low
EPSS
0.035
Percentile
91.6%
Related for CVE-2009-4817