4.6
CVE-2013-4465
- EPSS 2.38%
- Veröffentlicht 25.10.2013 23:55:04
- Zuletzt bearbeitet 29.04.2026 01:13:23
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
LoginUnrestricted file upload vulnerability in the avatar upload functionality in Simple Machines Forum before 2.0.6 and 2.1 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified directory.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Simplemachines ≫ Simple Machines Forum Version <= 2.0.5
Simplemachines ≫ Simple Machines Forum Version1.0
Simplemachines ≫ Simple Machines Forum Version1.0.1
Simplemachines ≫ Simple Machines Forum Version1.0.2
Simplemachines ≫ Simple Machines Forum Version1.0.3
Simplemachines ≫ Simple Machines Forum Version1.0.4
Simplemachines ≫ Simple Machines Forum Version1.0.5
Simplemachines ≫ Simple Machines Forum Version1.0.6
Simplemachines ≫ Simple Machines Forum Version1.0.7
Simplemachines ≫ Simple Machines Forum Version1.0.8
Simplemachines ≫ Simple Machines Forum Version1.0.9
Simplemachines ≫ Simple Machines Forum Version1.0.10
Simplemachines ≫ Simple Machines Forum Version1.0.12
Simplemachines ≫ Simple Machines Forum Version1.0.13
Simplemachines ≫ Simple Machines Forum Version1.0.14
Simplemachines ≫ Simple Machines Forum Version1.0.15
Simplemachines ≫ Simple Machines Forum Version1.0.16
Simplemachines ≫ Simple Machines Forum Version1.0.17
Simplemachines ≫ Simple Machines Forum Version1.0.18
Simplemachines ≫ Simple Machines Forum Version1.0.19
Simplemachines ≫ Simple Machines Forum Version1.0.20
Simplemachines ≫ Simple Machines Forum Version1.0.21
Simplemachines ≫ Simple Machines Forum Version1.0.22
Simplemachines ≫ Simple Machines Forum Version1.0.23
Simplemachines ≫ Simple Machines Forum Version1.1
Simplemachines ≫ Simple Machines Forum Version1.1.1
Simplemachines ≫ Simple Machines Forum Version1.1.2
Simplemachines ≫ Simple Machines Forum Version1.1.3
Simplemachines ≫ Simple Machines Forum Version1.1.4
Simplemachines ≫ Simple Machines Forum Version1.1.5
Simplemachines ≫ Simple Machines Forum Version1.1.6
Simplemachines ≫ Simple Machines Forum Version1.1.7
Simplemachines ≫ Simple Machines Forum Version1.1.8
Simplemachines ≫ Simple Machines Forum Version1.1.9
Simplemachines ≫ Simple Machines Forum Version1.1.10
Simplemachines ≫ Simple Machines Forum Version1.1.11
Simplemachines ≫ Simple Machines Forum Version1.1.12
Simplemachines ≫ Simple Machines Forum Version1.1.13
Simplemachines ≫ Simple Machines Forum Version1.1.14
Simplemachines ≫ Simple Machines Forum Version1.1.15
Simplemachines ≫ Simple Machines Forum Version1.1.16
Simplemachines ≫ Simple Machines Forum Version1.1.17
Simplemachines ≫ Simple Machines Forum Version2.0
Simplemachines ≫ Simple Machines Forum Version2.0.1
Simplemachines ≫ Simple Machines Forum Version2.0.2
Simplemachines ≫ Simple Machines Forum Version2.0.3
Simplemachines ≫ Simple Machines Forum Version2.0.4
Simplemachines ≫ Simple Machines Forum Version2.1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.38% | 0.817 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.6 | 3.9 | 6.4 |
AV:N/AC:H/Au:S/C:P/I:P/A:P
|
http://download.simplemachines.org/index.php?thanks%3Bfilename=smf_2-0-6_changelog.txt
http://www.openwall.com/lists/oss-security/2013/10/23/6
http://www.openwall.com/lists/oss-security/2013/10/25/3
http://www.securityfocus.com/bid/63275
https://github.com/SimpleMachines/SMF2.1/issues/701