CVE-2008-4509

Exploit

EPSS 7.66%
Veröffentlicht 09.10.2008 18:00:02
Zuletzt bearbeitet 16.06.2026 22:57:57
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Unrestricted file upload vulnerability in processFiles.php in FOSS Gallery Admin and FOSS Gallery Public 1.0 beta allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in the root directory.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 9

NVD 2 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Foss Gallery ≫ Foss Gallery Version1.0 Updatebeta Editionadmin

Foss Gallery ≫ Foss Gallery Version1.0 Updatebeta Editionpublic

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	7.66%	0.938

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	10	10	10	AV:N/AC:L/Au:N/C:C/I:C/A:C

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://securityreason.com/securityalert/4379

http://www.securityfocus.com/bid/31574

Exploit

https://exchange.xforce.ibmcloud.com/vulnerabilities/45683

https://www.exploit-db.com/exploits/6670

https://www.exploit-db.com/exploits/6674

https://www.exploit-db.com/exploits/6680

https://nvd.nist.gov/vuln/detail/CVE-2008-4509

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2008-4509

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2008-4509

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2008-4509