Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5.8
CVSSv2

CVE-2008-7215

Published: 11/09/2009 Updated: 11/10/2018
CVSS v2 Base Score: 5.8 | Impact Score: 4.9 | Exploitability Score: 8.6
VMScore: 516
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:P
Subscribe to Mambo-foundation

Vulnerability Summary

The Image Manager in MOStlyCE prior to 2.4, as used in Mambo 4.6.3 and previous versions, allows remote malicious users to rename arbitrary files and cause a denial of service via modified file[NewFile][name], file[NewFile][tmp_name], and file[NewFile][size] parameters in a FileUpload command, which are used to modify equivalent variables in $_FILES that are accessed when the is_uploaded_file check fails.

Vulnerable Product Search on Vulmon Subscribe to Product

mambo-foundation mambo

mambo-foundation mambo 4.6.2

brilaps mostlyce

References

CWE-20http://forum.mambo-foundation.org/showthread.php?t=10158http://www.vupen.com/english/advisories/2008/0325http://archives.neohapsis.com/archives/bugtraq/2008-02/0444.htmlhttp://osvdb.org/42532http://www.bugreport.ir/index_33.htmhttp://secunia.com/advisories/28670http://www.securityfocus.com/bid/27472https://exchange.xforce.ibmcloud.com/vulnerabilities/39986http://www.securityfocus.com/archive/1/487128/100/200/threadedhttps://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4644unprivilegedCVE-2024-3494CVE-2024-22460CVE-2024-26026CVE-2024-23473firewallCVE-2024-28889XML external entity
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook