PT-2003-1656 · Tutos · Tutos

François Sorin

Published

2003-06-28

Updated

2016-10-18

CVE-2003-0482

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: TUTOS version 1.1

Description: The issue allows remote attackers to execute arbitrary code. This is achieved by uploading the code using the file new.php endpoint, then directly accessing the uploaded code via a request to the repository containing the code.

Recommendations: For TUTOS version 1.1, consider restricting access to the file new.php endpoint to prevent unauthorized code uploads until a fix is available. Additionally, restrict direct access to the repository to minimize the risk of exploitation.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2003-0482

Affected Products

Tutos

PT-2003-1656 · Tutos · Tutos

CVE-2003-0482

Related Identifiers

Affected Products

References · 3