Vulnerability Details CVE-2012-3572
Open Source Competency Center (OSCC) MyMeeting 3.0.1 and earlier, and MyMesyuarat 09b-1, does not properly verify uploaded documents, which allows remote authenticated users to execute arbitrary PHP code via a crafted document.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 61.7%
CVSS Severity
CVSS v2 Score 6.0
References
- http://sourceforge.net/projects/mymesyuarat/files/mymesyuarat/mymesyuarat%20ver0.9b-2.zip/download
- http://www.mycert.org.my/en/services/advisories/mycert/2012/main/detail/904/index.html
- http://sourceforge.net/projects/mymesyuarat/files/mymesyuarat/mymesyuarat%20ver0.9b-2.zip/download
- http://www.mycert.org.my/en/services/advisories/mycert/2012/main/detail/904/index.html
Products affected by CVE-2012-3572
-
cpe:2.3:a:nurul_hidayah_hamazulan:mymesyuarat:09b-1
-
cpe:2.3:a:oscc:mymeeting:*