CVE-2004-2262
7.5
CVSS Score
High
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Link copied!
Description
ImageManager in e107 before 0.617 does not properly check the types of uploaded files, which allows remote attackers to execute arbitrary code by uploading a PHP file via the upload parameter to images.php.
CVSS Vector Details
Attack Vector
Network
Attack Complexity
Low
Confidentiality
P
Integrity
P
Availability
P
Affected Software Configurations
- a e107 e107 * * * * * * * *
Weaknesses (CWE)
- CWE-434
References & External Links
- http://e107.org/comment.php?comment.news.672
- http://secunia.com/advisories/13657
- http://securitytracker.com/id?1012657
- http://www.osvdb.org/12586
- http://www.securityfocus.com/bid/12111
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18670
- https://www.exploit-db.com/exploits/704
- http://e107.org/comment.php?comment.news.672
- http://secunia.com/advisories/13657
- http://securitytracker.com/id?1012657
- http://www.osvdb.org/12586
- http://www.securityfocus.com/bid/12111
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18670
- https://www.exploit-db.com/exploits/704
External Resources
CVE History Timeline
Jul 25, 2005 13:49
Initial Analysis
Jul 11, 2017 01:31
CVE Modified
Oct 19, 2017 01:29
CVE Modified
Jan 26, 2024 19:10
Modified Analysis
May 14, 2024 01:27
CVE Modified
Nov 20, 2024 23:52
CVE Modified