CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2010-1514

Unrestricted file upload vulnerability in TomatoCMS 2.0.6 and earlier allows remote authenticated users, with certain privileges, to execute arbitrary PHP code by uploading an image file, and then accessing it via a direct request to the file in an unspecified directory.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 63.4%

CVSS Severity

CVSS v2 Score 6.0

References

Products affected by CVE-2010-1514

Tomatocms » Tomatocms » Version: Any

cpe:2.3:a:tomatocms:tomatocms:*
Tomatocms » Tomatocms » Version: 2.0.0

cpe:2.3:a:tomatocms:tomatocms:2.0.0
Tomatocms » Tomatocms » Version: 2.0.1

cpe:2.3:a:tomatocms:tomatocms:2.0.1
Tomatocms » Tomatocms » Version: 2.0.2

cpe:2.3:a:tomatocms:tomatocms:2.0.2
Tomatocms » Tomatocms » Version: 2.0.3

cpe:2.3:a:tomatocms:tomatocms:2.0.3
Tomatocms » Tomatocms » Version: 2.0.3.1430

cpe:2.3:a:tomatocms:tomatocms:2.0.3.1430
Tomatocms » Tomatocms » Version: 2.0.3.1622

cpe:2.3:a:tomatocms:tomatocms:2.0.3.1622
Tomatocms » Tomatocms » Version: 2.0.4

cpe:2.3:a:tomatocms:tomatocms:2.0.4
Tomatocms » Tomatocms » Version: 2.0.5

cpe:2.3:a:tomatocms:tomatocms:2.0.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2010-1514

Products

Pricing

Contact Us