CVE-2005-0269

Опубликовано: 02 мая 2005

Источник: nvd

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

The file extension check in GNUBoard 3.40 and earlier only verifies extensions that contain all lowercase letters, which allows remote attackers to upload arbitrary files via file extensions that include uppercase letters.

Ссылки

http://marc.info/?l=bugtraq&m=110477648219738&w=2
Exploit
Mailing List
http://secunia.com/advisories/13711
Broken Link
http://www.securityfocus.com/bid/12149
Broken Link
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/18729
Third Party Advisory
VDB Entry
http://marc.info/?l=bugtraq&m=110477648219738&w=2
Exploit
Mailing List
http://secunia.com/advisories/13711
Broken Link
http://www.securityfocus.com/bid/12149
Broken Link
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/18729
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:sir:gnuboard:*:*:*:*:*:*:*:*

Версия до 3.40 (включая)

EPSS

Процентиль: 82%

0.01763

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-178

Связанные уязвимости

GHSA-m65m-xrgm-j736