Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6
CVSSv2

CVE-2010-1514

Published: 15/06/2010 Updated: 18/06/2010
CVSS v2 Base Score: 6 | Impact Score: 6.4 | Exploitability Score: 6.8
VMScore: 534
Vector: AV:N/AC:M/Au:S/C:P/I:P/A:P

Vulnerability Summary

Unrestricted file upload vulnerability in TomatoCMS 2.0.6 and previous versions allows remote authenticated users, with certain privileges, to execute arbitrary PHP code by uploading an image file, and then accessing it via a direct request to the file in an unspecified directory.

Vulnerable Product Search on Vulmon Subscribe to Product

tomatocms tomatocms 2.0.1

tomatocms tomatocms 2.0.3

tomatocms tomatocms

tomatocms tomatocms 2.0.5

tomatocms tomatocms 2.0.3.1622

tomatocms tomatocms 2.0.3.1430

tomatocms tomatocms 2.0.4

tomatocms tomatocms 2.0.0

tomatocms tomatocms 2.0.2

References

NVD-CWE-Otherhttp://holisticinfosec.org/content/view/148/45/http://www.securityfocus.com/bid/40544http://secunia.com/secunia_research/2010-57/http://secunia.com/advisories/39680https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976CVE-2024-33557CVE-2024-36801CVE-2024-35654authentication bypassCVE-2024-24919CSRFcode executionCVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook