Vulnerability Details CVE-2015-0868
Unrestricted file upload vulnerability in Mrs. Shiromuku Perl CGI shiromuku(bu2)BBS before 2.91 allows remote attackers to execute arbitrary code by uploading an executable file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.017
EPSS Ranking 81.5%
CVSS Severity
CVSS v2 Score 7.5
References
- http://jvn.jp/en/jp/JVN94502417/index.html
- http://jvndb.jvn.jp/jvndb/JVNDB-2015-000008
- http://www.t-okada.com/cgi-bin/sb2_data/sb2_data_news.cgi?action=data_list&cat=16#495
- http://jvn.jp/en/jp/JVN94502417/index.html
- http://jvndb.jvn.jp/jvndb/JVNDB-2015-000008
- http://www.t-okada.com/cgi-bin/sb2_data/sb2_data_news.cgi?action=data_list&cat=16#495
Products affected by CVE-2015-0868
-
cpe:2.3:a:shiromuku:bu2_bbs:2.36
-
cpe:2.3:a:shiromuku:bu2_bbs:2.40
-
cpe:2.3:a:shiromuku:bu2_bbs:2.50
-
cpe:2.3:a:shiromuku:bu2_bbs:2.60
-
cpe:2.3:a:shiromuku:bu2_bbs:2.70
-
cpe:2.3:a:shiromuku:bu2_bbs:2.80
-
cpe:2.3:a:shiromuku:bu2_bbs:2.81
-
cpe:2.3:a:shiromuku:bu2_bbs:2.90