6.8
CVE-2008-6814
- EPSS 2.12%
- Veröffentlicht 28.05.2009 14:30:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginUnrestricted file upload vulnerability in image_upload.php in the SimpleBoard (com_simpleboard) component 1.0.1 and earlier for Mambo allows remote attackers to execute arbitrary code by uploading a file with an executable extension and an image/jpeg content type, then accessing this file via a direct request to the file in components/com_simpleboard/, a different vulnerability than CVE-2006-3528.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Jan De Graaff ≫ Com Simpleboard Version <= 1.0.1
Jan De Graaff ≫ Com Simpleboard Version0.9
Jan De Graaff ≫ Com Simpleboard Version0.9.1
Jan De Graaff ≫ Com Simpleboard Version0.9.2
Jan De Graaff ≫ Com Simpleboard Version1.0 Updaterc1
Jan De Graaff ≫ Com Simpleboard Version1.0 Updaterc2
Jan De Graaff ≫ Com Simpleboard Version1.0 Updaterc3
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.12% | 0.837 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.