exploitDog

CVE-2007-5401

Опубликовано: 09 янв. 2008

Источник: nvd

CVSS2: 6.5

EPSS Низкий

Описание

Unrestricted file upload vulnerability in uploadrequest.asp in Layton HelpBox 3.7.1 allows remote authenticated users to upload and execute arbitrary ASP files, related to not properly checking file extensions.

Ссылки

http://secunia.com/advisories/27699
Vendor Advisory
http://secunia.com/secunia_research/2007-94/advisory/
Vendor Advisory
http://www.securityfocus.com/bid/27187
https://exchange.xforce.ibmcloud.com/vulnerabilities/39536
http://secunia.com/advisories/27699
Vendor Advisory
http://secunia.com/secunia_research/2007-94/advisory/
Vendor Advisory
http://www.securityfocus.com/bid/27187
https://exchange.xforce.ibmcloud.com/vulnerabilities/39536

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:layton_technology:helpbox:3.7.1:*:*:*:*:*:*:*

EPSS

Процентиль: 65%

0.00498

Низкий

6.5 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

GHSA-f7j8-j35p-xgv9

github

почти 4 года назад

Unrestricted file upload vulnerability in uploadrequest.asp in Layton HelpBox 3.7.1 allows remote authenticated users to upload and execute arbitrary ASP files, related to not properly checking file extensions.

EPSS

Процентиль: 65%

0.00498

Низкий

6.5 Medium

CVSS2

Дефекты

CWE-264