6.8
CVE-2008-6541
- EPSS 0.4%
- Veröffentlicht 30.03.2009 01:30:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginUnrestricted file upload vulnerability in the file manager module in DotNetNuke before 4.8.2 allows remote administrators to upload arbitrary files and gain privileges to the server via unspecified vectors.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Dotnetnuke ≫ Dotnetnuke Version <= 4.8.1
Dotnetnuke ≫ Dotnetnuke Version1.0.6
Dotnetnuke ≫ Dotnetnuke Version1.0.7
Dotnetnuke ≫ Dotnetnuke Version1.0.8
Dotnetnuke ≫ Dotnetnuke Version1.0.9
Dotnetnuke ≫ Dotnetnuke Version1.0.10d
Dotnetnuke ≫ Dotnetnuke Version1.0.10e
Dotnetnuke ≫ Dotnetnuke Version2.1.1
Dotnetnuke ≫ Dotnetnuke Version2.1.2
Dotnetnuke ≫ Dotnetnuke Version3.0.7
Dotnetnuke ≫ Dotnetnuke Version3.0.8
Dotnetnuke ≫ Dotnetnuke Version3.0.11
Dotnetnuke ≫ Dotnetnuke Version3.1.0
Dotnetnuke ≫ Dotnetnuke Version3.3.5
Dotnetnuke ≫ Dotnetnuke Version4.0
Dotnetnuke ≫ Dotnetnuke Version4.3.5
Dotnetnuke ≫ Dotnetnuke Version4.5.2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.4% | 0.579 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.