7.5
CVE-2008-0233
- EPSS 2.21%
- Veröffentlicht 11.01.2008 02:46:00
- Zuletzt bearbeitet 16.06.2026 22:49:11
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginUnrestricted file upload vulnerability in Zero CMS 1.0 Alpha and earlier allows remote attackers to bypass intended access restrictions and upload and execute arbitrary files by uploading an avatar file with an accepted Content-Type such as image/jpeg.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.21% | 0.803 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://packetstormsecurity.org/0801-exploits/zerocms-sql.txt
https://www.exploit-db.com/exploits/4864