CVE-2015-6968

Опубликовано: 16 сент. 2015

Источник: nvd

CVSS2: 6.5

EPSS Низкий

Описание

Multiple incomplete blacklist vulnerabilities in the serendipity_isActiveFile function in include/functions_images.inc.php in Serendipity before 2.0.2 allow remote authenticated users to execute arbitrary PHP code by uploading a file with a (1) .pht or (2) .phtml extension.

Комментарий

CWE-434: Unrestricted Upload of File with Dangerous Type

Ссылки

http://blog.curesec.com/article/blog/Serendipity-201-Code-Execution-48.html
Exploit
http://blog.s9y.org/archives/265-Serendipity-2.0.2-Security-Fix-Release.html
Patch
Vendor Advisory
http://packetstormsecurity.com/files/133426/Serendipity-2.0.1-Shell-Upload.html
Exploit
http://seclists.org/fulldisclosure/2015/Sep/6
Exploit
Patch
http://blog.curesec.com/article/blog/Serendipity-201-Code-Execution-48.html
Exploit
http://blog.s9y.org/archives/265-Serendipity-2.0.2-Security-Fix-Release.html
Patch
Vendor Advisory
http://packetstormsecurity.com/files/133426/Serendipity-2.0.1-Shell-Upload.html
Exploit
http://seclists.org/fulldisclosure/2015/Sep/6
Exploit
Patch

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:s9y:serendipity:*:*:*:*:*:*:*:*

Версия до 2.0.1 (включая)

EPSS

Процентиль: 74%

0.00808

Низкий

6.5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

CVE-2015-6968

ubuntu

больше 10 лет назад

CVE-2015-6968

debian

больше 10 лет назад

Multiple incomplete blacklist vulnerabilities in the serendipity_isAct ...

GHSA-r3fp-h5pq-v9m7

github

больше 3 лет назад

EPSS

Процентиль: 74%

0.00808

Низкий

6.5 Medium

CVSS2

Дефекты

NVD-CWE-Other