exploitDog

CVE-2007-1129

Опубликовано: 27 фев. 2007

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Multiple unrestricted file upload vulnerabilities in MTCMS 3.2 allow remote attackers to upload and execute files via (1) an avatar upload in an add_down action, or (2) an add_link action.

Комментарий

Per: http://cwe.mitre.org/data/definitions/434.html 'CWE-434: Unrestricted Upload of File with Dangerous Type'

Ссылки

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:mtcms:mtcms:3.2:*:*:*:*:*:*:*

EPSS

Процентиль: 72%

0.00713

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-4xv5-r984-3vrr

github

почти 4 года назад

Multiple unrestricted file upload vulnerabilities in MTCMS 3.2 allow remote attackers to upload and execute files via (1) an avatar upload in an add_down action, or (2) an add_link action.

EPSS

Процентиль: 72%

0.00713

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other