CVE-2008-0233

EPSS 2.01%
Published 11.01.2008 02:46:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

Unrestricted file upload vulnerability in Zero CMS 1.0 Alpha and earlier allows remote attackers to bypass intended access restrictions and upload and execute arbitrary files by uploading an avatar file with an accepted Content-Type such as image/jpeg.

Affected products Warnungen 0 Metrics 2 CWE 0 References 5

Data is provided by the National Vulnerability Database (NVD)

Zero Cms ≫ Zero Cms Version1.0_alpha

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	2.01%	0.82

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://packetstormsecurity.org/0801-exploits/zerocms-sql.txt

https://www.exploit-db.com/exploits/4864

https://nvd.nist.gov/vuln/detail/CVE-2008-0233

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2008-0233

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2008-0233

EUVD