CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2008-6684

Unrestricted file upload vulnerability in editimage.php in Apartment Search Script allows remote attackers to execute arbitrary code by uploading a file with an executable extension and a GIF header, then accessing this file via a direct request to a renamed file in Member_Admin/logo/.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.02

EPSS Ranking 82.7%

CVSS Severity

CVSS v2 Score 6.8

References

http://www.securityfocus.com/bid/32065
https://exchange.xforce.ibmcloud.com/vulnerabilities/46283
https://www.exploit-db.com/exploits/6956
http://www.securityfocus.com/bid/32065
https://exchange.xforce.ibmcloud.com/vulnerabilities/46283
https://www.exploit-db.com/exploits/6956

Products affected by CVE-2008-6684

Yourfreeworld » Apartment Search Script » Version: Any

cpe:2.3:a:yourfreeworld:apartment_search_script:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-6684

Products

Pricing

Contact Us