CVE-2007-4262

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2007-4262
Unrestricted file upload vulnerability in EZPhotoSales 1.9.3 and earlier allows remote authenticated administrators to upload and execute arbitrary PHP code under OnlineViewing/galleries/.

8.5 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:M/Au:S/C:C/I:C/A:C

Exploitability : 6.8 / Impact : 10.0

Access Vector NETWORK

Access Complexity MEDIUM

Authentication SINGLE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References
Link Resource
http://secunia.com/advisories/26341
http://securityreason.com/securityalert/2985
http://www.airscanner.com/security/07080601_ezphotosales.htm
http://www.informit.com/guides/content.asp?g=security&seqNum=267
http://www.informit.com/guides/content.asp?g=security&seqNum=268
http://www.securityfocus.com/archive/1/475678/100/0/threaded
http://www.securityfocus.com/bid/25323
Configurations

Configuration 1 (hide)

cpe:2.3:a:ez_photo_sales:ez_photo_sales:*:*:*:*:*:*:*:*
History

No history.

Information

Published : 2007-08-08 23:17

Updated : 2024-02-28 11:01

NVD link : CVE-2007-4262

Mitre link : CVE-2007-4262

CVE.ORG link : CVE-2007-4262

JSON object : View

Products Affected

ez_photo_sales

  • ez_photo_sales
CWE
NVD-CWE-Other

NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024