Vulnerability Details CVE-2012-6498
Unrestricted file upload vulnerability in index.php in Atomymaxsite 2.5 and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file, as exploited in the wild in October 2012.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.013
EPSS Ranking 79.2%
CVSS Severity
CVSS v2 Score 6.8
References
Products affected by CVE-2012-6498
-
cpe:2.3:a:maxtom:atomymaxsite:1.50
-
cpe:2.3:a:maxtom:atomymaxsite:2.0
-
cpe:2.3:a:maxtom:atomymaxsite:2.5