PT-2007-5805 · Ourspace · Ourspace

Breaker_Unit

+1

·

Publicado

2007-08-31

·

Atualizado

2017-09-29

·

CVE-2007-4647

CVSS v2.0

5.0

Média

VetorAV:N/AC:L/Au:N/C:N/I:P/A:N
Name of the Vulnerable Software and Affected Versions: Ourspace version 2.0.9
Description: The issue allows remote attackers to upload certain files via unspecified vectors, likely due to unrestricted functionality in the newswire/uploadmedia.cgi script.
Recommendations: For Ourspace version 2.0.9, restrict access to the newswire/uploadmedia.cgi script to prevent unauthorized file uploads until a fix is available.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-264

Identificadores relacionados

CVE-2007-4647

Produtos afetados

Ourspace