CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2007-6668

admin/uploadgames.php in MySpace Content Zone (MCZ) 3.x does not require administrative privileges, which allows remote attackers to perform unrestricted file uploads, as demonstrated by uploading (1) a .php file and (2) a .php%00.jpeg file.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.039

EPSS Ranking 87.8%

CVSS Severity

CVSS v2 Score 7.5

References

http://osvdb.org/40211
http://secunia.com/advisories/28159
http://www.securityfocus.com/bid/27062
https://www.exploit-db.com/exploits/4741
http://osvdb.org/40211
http://secunia.com/advisories/28159
http://www.securityfocus.com/bid/27062
https://www.exploit-db.com/exploits/4741

Products affected by CVE-2007-6668

Peergoal » Myspace Content Zone » Version: Any

cpe:2.3:a:peergoal:myspace_content_zone:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2007-6668

Products

Pricing

Contact Us