Vulnerability Details CVE-2007-3773
Cross-site request forgery (CSRF) vulnerability in the Email-Template module in Generic YouTube Clone Script allows remote attackers to upload files with arbitrary file types to templates/emails/ as administrators.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 71.8%
CVSS Severity
CVSS v2 Score 9.3
References
- http://chxsecurity.org/advisories/adv-2-mid.txt
- http://osvdb.org/38692
- http://securityreason.com/securityalert/2896
- http://www.securityfocus.com/archive/1/473192/100/0/threaded
- http://chxsecurity.org/advisories/adv-2-mid.txt
- http://osvdb.org/38692
- http://securityreason.com/securityalert/2896
- http://www.securityfocus.com/archive/1/473192/100/0/threaded
Products affected by CVE-2007-3773
-
cpe:2.3:a:generic_youtube_clone_script:generic_youtube_clone_script:*