Vulnerability Details CVE-2004-1448
Jetbox One 2.0.8 and possibly other versions allow remote attackers with Author privileges in the IMAGES module to upload PHP files and execute arbitrary code.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.022
EPSS Ranking 83.7%
CVSS Severity
CVSS v2 Score 4.6
References
- http://echo.or.id/adv/adv03-y3dips-2004.txt
- http://secunia.com/advisories/12230/
- http://www.kb.cert.org/vuls/id/417408
- http://www.securityfocus.com/archive/1/370852
- http://www.securityfocus.com/bid/10859
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16900
- http://echo.or.id/adv/adv03-y3dips-2004.txt
- http://secunia.com/advisories/12230/
- http://www.kb.cert.org/vuls/id/417408
- http://www.securityfocus.com/archive/1/370852
- http://www.securityfocus.com/bid/10859
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16900
Products affected by CVE-2004-1448
-
cpe:2.3:a:jetbox:jetbox_one_cms:2.0.8