CVE-2008-6751

EPSS 2.52%
Veröffentlicht 24.04.2009 14:30:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Unrestricted file upload vulnerability in index.php in the Twitter Clone (TClone) plugin for ReVou Micro Blogging allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in settings/my_photo.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 8

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Revou ≫ Tclone

Revou ≫ Revou

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	2.52%	0.85

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://osvdb.org/51706

http://secunia.com/advisories/33247

Vendor Advisory

http://www.securityfocus.com/bid/32954

https://exchange.xforce.ibmcloud.com/vulnerabilities/47500

https://www.exploit-db.com/exploits/7531

https://nvd.nist.gov/vuln/detail/CVE-2008-6751

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2008-6751

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2008-6751

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2008-6751