CVE-2007-3018

Опубликовано: 17 июл. 2007

Источник: nvd

CVSS2: 4

EPSS Низкий

Описание

activeWeb contentserver CMS before 5.6.2964 does not limit the file-creation ability of editors who have restricted accounts, which allows these editors to create files in arbitrary directories.

Ссылки

http://osvdb.org/39746
http://secunia.com/advisories/26063
Vendor Advisory
http://securityreason.com/securityalert/2899
http://www.redteam-pentesting.de/advisories/rt-sa-2007-007.php
http://www.securityfocus.com/archive/1/473629/100/0/threaded
http://www.securityfocus.com/bid/24900
https://exchange.xforce.ibmcloud.com/vulnerabilities/35400
http://osvdb.org/39746
http://secunia.com/advisories/26063
Vendor Advisory
http://securityreason.com/securityalert/2899
http://www.redteam-pentesting.de/advisories/rt-sa-2007-007.php
http://www.securityfocus.com/archive/1/473629/100/0/threaded
http://www.securityfocus.com/bid/24900
https://exchange.xforce.ibmcloud.com/vulnerabilities/35400

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:activeweb:contentserver:*:*:*:*:*:*:*:*

Версия до 5.6.2929 (включая)

EPSS

Процентиль: 66%

0.0052

Низкий

4 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-x4cq-f9rj-m6f7

github

почти 4 года назад