PT-2007-2582 · Webspell · Webspell

Published

2007-02-27

Updated

2018-10-16

CVE-2007-1155

CVSS v2.0

4.6

Medium

Vector

AV:N/AC:H/Au:S/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions webSPELL (affected versions not specified)

Description The issue concerns an unrestricted file upload vulnerability. This vulnerability allows remote authenticated administrators to upload and execute arbitrary PHP code via the add squad feature.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2007-1155

Affected Products

Webspell

PT-2007-2582 · Webspell · Webspell

CVE-2007-1155

Weakness Enumeration

Related Identifiers

Affected Products

References · 4