Описание
Unrestricted file upload vulnerability in the powermail extension before 1.6.11 and 2.x before 2.0.14 for TYPO3 allows remote attackers to execute arbitrary code by uploading a file with a crafted extension, then accessing it via unspecified vectors.
Комментарий
Vendor advisory - http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-007/
Уязвимые конфигурации
Конфигурация 1Версия до 1.6.10 (включая)
Одно из
cpe:2.3:a:alex_kellner:powermail:*:*:*:*:*:typo3:*:*
cpe:2.3:a:alex_kellner:powermail:2.0.0:*:*:*:*:typo3:*:*
cpe:2.3:a:alex_kellner:powermail:2.0.1:*:*:*:*:typo3:*:*
cpe:2.3:a:alex_kellner:powermail:2.0.2:*:*:*:*:typo3:*:*
cpe:2.3:a:alex_kellner:powermail:2.0.3:*:*:*:*:typo3:*:*
cpe:2.3:a:alex_kellner:powermail:2.0.4:*:*:*:*:typo3:*:*
cpe:2.3:a:alex_kellner:powermail:2.0.5:*:*:*:*:typo3:*:*
cpe:2.3:a:alex_kellner:powermail:2.0.6:*:*:*:*:typo3:*:*
cpe:2.3:a:alex_kellner:powermail:2.0.7:*:*:*:*:typo3:*:*
cpe:2.3:a:alex_kellner:powermail:2.0.8:*:*:*:*:typo3:*:*
cpe:2.3:a:alex_kellner:powermail:2.0.9:*:*:*:*:typo3:*:*
cpe:2.3:a:alex_kellner:powermail:2.0.10:*:*:*:*:typo3:*:*
EPSS
Процентиль: 82%
0.01727
Низкий
7.5 High
CVSS2
Дефекты
CWE-94
Связанные уязвимости
ubuntu
больше 11 лет назад
Unrestricted file upload vulnerability in the powermail extension before 1.6.11 and 2.x before 2.0.14 for TYPO3 allows remote attackers to execute arbitrary code by uploading a file with a crafted extension, then accessing it via unspecified vectors.
github
больше 3 лет назад
TYPO3 powermail extension has unrestricted file upload vulnerability
EPSS
Процентиль: 82%
0.01727
Низкий
7.5 High
CVSS2
Дефекты
CWE-94