CVE-2007-1726

Опубликовано: 28 мар. 2007

Источник: nvd

CVSS2: 6.5

EPSS Низкий

Описание

Unrestricted file upload vulnerability in index.php in IceBB 1.0-rc5 allows remote authenticated users to upload arbitrary files via the avatar function, which can later be accessed in uploads/.

Ссылки

http://osvdb.org/34498
http://secunia.com/advisories/24644
Vendor Advisory
http://www.securityfocus.com/bid/23151
http://www.vupen.com/english/advisories/2007/1116
https://exchange.xforce.ibmcloud.com/vulnerabilities/33242
https://www.exploit-db.com/exploits/3581
http://osvdb.org/34498
http://secunia.com/advisories/24644
Vendor Advisory
http://www.securityfocus.com/bid/23151
http://www.vupen.com/english/advisories/2007/1116
https://exchange.xforce.ibmcloud.com/vulnerabilities/33242
https://www.exploit-db.com/exploits/3581

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:icebb:icebb:1.0_rc_5:*:*:*:*:*:*:*

EPSS

Процентиль: 93%

0.09255

Низкий

6.5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-63wg-q9qh-rfxv

github

почти 4 года назад