Vulnerability Details CVE-2013-3590
Unrestricted file upload vulnerability in admin/uploadImage.html in SearchBlox before 7.5 build 1 allows remote attackers to execute arbitrary code by uploading an executable file with the image/jpeg content type, and then accessing this file via unspecified vectors, as demonstrated by access to a JSP file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.018
EPSS Ranking 81.9%
CVSS Severity
CVSS v2 Score 6.8
References
Products affected by CVE-2013-3590
-
cpe:2.3:a:searchblox:searchblox:-
-
cpe:2.3:a:searchblox:searchblox:6.2
-
cpe:2.3:a:searchblox:searchblox:6.3
-
cpe:2.3:a:searchblox:searchblox:6.4
-
cpe:2.3:a:searchblox:searchblox:7.0
-
cpe:2.3:a:searchblox:searchblox:7.1
-
cpe:2.3:a:searchblox:searchblox:7.2
-
cpe:2.3:a:searchblox:searchblox:7.3
-
cpe:2.3:a:searchblox:searchblox:7.4
-
cpe:2.3:a:searchblox:searchblox:7.5