Lucene search
HistoryOct 03, 2022 - 4:15 p.m.
CVE-2011-4828
cve-2011-4828
file upload
vulnerability
autosec tools
v-cms 1.0
security issue
nvd
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.8 High
AI Score
Confidence
Low
0.951 High
EPSS
Percentile
99.3%
Unrestricted file upload vulnerability in includes/inline_image_upload.php in AutoSec Tools V-CMS 1.0 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in temp/.
Affected configurations
Node
autosectoolsv-cmsMatch1.0
| CPE | Name | Operator | Version |
|---|---|---|---|
| autosectools:v-cms | autosectools v-cms | eq | 1.0 |
Related
packetstorm
packetstorm
V-CMS PHP File Upload And Execute
2012-04-17 00:00:00
dsquare
dsquare
V-CMS 1.0 File Upload
2012-04-19 00:00:00
nvd
nvd
CVE-2011-4828
2011-12-15 03:57:34
checkpoint_advisories
checkpoint_advisories
prion
prion
Unrestricted file upload
2011-12-15 03:57:00
cvelist
cvelist
CVE-2011-4828
2022-10-03 16:15:13
openvas
openvas
V-CMS Multiple Vulnerabilities
2011-12-23 00:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.8 High
AI Score
Confidence
Low
0.951 High
EPSS
Percentile
99.3%
Related for CVE-2011-4828