Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.8
CVSSv3

CVE-2015-2780

Published: 16/10/2017 Updated: 07/11/2017
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 755
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

Unrestricted file upload vulnerability in Berta CMS allows remote malicious users to execute arbitrary code by uploading a crafted image file with an executable extension, then accessing it via a direct request to the file in an unspecified directory.

Vulnerable Product Search on Vulmon Subscribe to Product

berta berta cms

Exploits

Exploit DB: Berta CMS - Arbitrary File Upload
Berta CMS is a web based content management system using PHP and local file storage wwwbertame/ Due to use of a 3rd party Berta CMS website to redirect links within a phishing email brought to our attention we checked the file upload functionality of this software We found that the file upload didn't require authentication Images wi ...

References

CWE-434https://www.exploit-db.com/exploits/36520/http://www.openwall.com/lists/oss-security/2015/03/28/4http://seclists.org/fulldisclosure/2015/Mar/155https://nvd.nist.govhttps://www.exploit-db.com/exploits/36520/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519open redirectCVE-2024-21683cache poisoningCVE-2021-47524CVE-2021-47521CVE-2024-5229CVE-2021-47560local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook