Lucene search

[email protected]NVD:CVE-2004-2743

HistoryDec 31, 2004 - 5:00 a.m.

CVE-2004-2743

2004-12-3105:00:00

CWE-264

[email protected]

web.nvd.nist.gov

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

6.8 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

73.4%

JSON

upload.cgi in Mega Upload Progress Bar before 1.45 allows remote attackers to copy or overwrite arbitrary files via unspecified parameters related to names of uploaded files.

Affected configurations

NVD

Node

raditha_dissanayakemega_upload_progress_barMatch1.30

raditha_dissanayakemega_upload_progress_barMatch1.35

raditha_dissanayakemega_upload_progress_barMatch1.43

raditha_dissanayakemega_upload_progress_barMatch1.44

References

secunia.com/advisories/12993

securitytracker.com/id?1011960

sourceforge.net/project/shownotes.php?release_id=277989

www.osvdb.org/11171

www.raditha.com/blog/archives/000547.html

www.securityfocus.com/bid/11547

exchange.xforce.ibmcloud.com/vulnerabilities/17882

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

6.8 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

73.4%

JSON

Related for NVD:CVE-2004-2743

cve1 cvelist1