CVE-2007-1255
Published Mar 3, 2007
Last updated 6 years ago
Overview
- Description
- Unrestricted file upload vulnerability in admin.bbcode.php in Connectix Boards 0.7 and earlier allows remote authenticated administrators to execute arbitrary PHP code by uploading a crafted GIF smiley image with a .php extension via the uploadimage parameter to admin.php, which can be later accessed via a direct request for the file in smileys/. NOTE: this can be leveraged with a separate SQL injection issue for remote unauthenticated attacks.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 6
- Impact score
- 6.4
- Exploitability score
- 6.8
- Vector string
- AV:N/AC:M/Au:S/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:connectix:connectix_boards:0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A5697238-ED12-40AF-87F5-42D5768800B7"
},
{
"criteria": "cpe:2.3:a:connectix:connectix_boards:0.4.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BE38981D-9CF2-433E-8810-6030EC832105"
},
{
"criteria": "cpe:2.3:a:connectix:connectix_boards:0.4.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8A2BC277-396B-4B8B-8263-162CBEFFF018"
},
{
"criteria": "cpe:2.3:a:connectix:connectix_boards:0.4.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6AE0598A-10D0-458F-92F5-57920FF1CC55"
},
{
"criteria": "cpe:2.3:a:connectix:connectix_boards:0.4.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B55C55CA-8FE6-4544-B2BB-5492BED5D1F1"
},
{
"criteria": "cpe:2.3:a:connectix:connectix_boards:0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ECA1DDA5-F74F-4E51-B773-B1D5963DBF1F"
},
{
"criteria": "cpe:2.3:a:connectix:connectix_boards:0.5.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3009E669-72F1-4F78-901E-7252A3DC7D78"
},
{
"criteria": "cpe:2.3:a:connectix:connectix_boards:0.5.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B311CD0D-F28A-4828-9B95-706D14AC7331"
},
{
"criteria": "cpe:2.3:a:connectix:connectix_boards:0.5.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4243ECCE-E2AF-400F-BC10-E5A80FCBFEE7"
},
{
"criteria": "cpe:2.3:a:connectix:connectix_boards:0.5.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4BA82EC7-07F8-4FB4-90CF-A8B5680E42EC"
},
{
"criteria": "cpe:2.3:a:connectix:connectix_boards:0.5.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "071809EB-CB31-434D-A973-2B8E395167C8"
},
{
"criteria": "cpe:2.3:a:connectix:connectix_boards:0.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F117FB93-A4D9-46F0-A4CB-49183C66AAC8"
},
{
"criteria": "cpe:2.3:a:connectix:connectix_boards:0.6.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8F81D304-CF6F-4700-91E8-BAB3D80FAE0C"
},
{
"criteria": "cpe:2.3:a:connectix:connectix_boards:0.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "777E612F-6B0D-403A-8117-A16EC7CE6F77"
}
],
"operator": "OR"
}
]
}
]