Published: 14/10/2008 Updated: 11/10/2018

CVSS v2 Base Score: 2.6 | Impact Score: 2.9 | Exploitability Score: 4.9

VMScore: 265

Vector: AV:N/AC:H/Au:N/C:P/I:N/A:N

The ImageShack Toolbar ActiveX control (ImageShackToolbar.dll) in ImageShack Toolbar 4.5.7, possibly including 4.5.7.69, allows remote malicious users to force the upload of arbitrary image files to the ImageShack site via a file: URI argument to the BuildSlideShow method.

Vulnerable Product	Search on Vulmon	Subscribe to Product
imageshack imageshack toolbar 4.5.7
imageshack imageshack toolbar 4.5.7.69

<!-- ImageShack Toolbar 457 FileUploader Class (ImageShackToolbardll) insecure method poc This tool may allow a malicious web page to post arbitrary images on the web from a user hard drive Images will be visible on ImageShack site, a way for an attacker to retrieve them maybe tag search or by understanding the renaming operation, ex "_" c ...

CWE-20 http://secunia.com/advisories/28644 http://www.securityfocus.com/bid/27439 http://securityreason.com/securityalert/4410 http://osvdb.org/40628 https://exchange.xforce.ibmcloud.com/vulnerabilities/39921 https://www.exploit-db.com/exploits/4981 http://www.securityfocus.com/archive/1/486941/100/200/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/4981/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2008-4549

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect