Vulnerability Details CVE-2005-0269
The file extension check in GNUBoard 3.40 and earlier only verifies extensions that contain all lowercase letters, which allows remote attackers to upload arbitrary files via file extensions that include uppercase letters.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.018
EPSS Ranking 82.0%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
- http://marc.info/?l=bugtraq&m=110477648219738&w=2
- http://secunia.com/advisories/13711
- http://www.securityfocus.com/bid/12149
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18729
- http://marc.info/?l=bugtraq&m=110477648219738&w=2
- http://secunia.com/advisories/13711
- http://www.securityfocus.com/bid/12149
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18729