CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2011-4828

Unrestricted file upload vulnerability in includes/inline_image_upload.php in AutoSec Tools V-CMS 1.0 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in temp/.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.812

EPSS Ranking 99.1%

CVSS Severity

CVSS v2 Score 7.5

References

http://bugs.v-cms.org/changelog_page.php
http://bugs.v-cms.org/view.php?id=53
http://secunia.com/advisories/46861
http://www.autosectools.com/Advisory/V-CMS-1.0-Arbitrary-Upload-236
http://www.securityfocus.com/bid/50706
http://bugs.v-cms.org/changelog_page.php
http://bugs.v-cms.org/view.php?id=53
http://secunia.com/advisories/46861
http://www.autosectools.com/Advisory/V-CMS-1.0-Arbitrary-Upload-236
http://www.securityfocus.com/bid/50706

Products affected by CVE-2011-4828

Autosectools » V-Cms » Version: 1.0

cpe:2.3:a:autosectools:v-cms:1.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2011-4828

Products

Pricing

Contact Us