CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Dmcms: >> Dmcms Security Vulnerabilities

CVE-2007-2214

Unrestricted file upload vulnerability in includes/upload_file.php in DmCMS allows remote attackers to upload arbitrary PHP scripts by placing a script's contents in both the File2 and File3 parameters, and sending a ok.php?do=act Referer.

CVSS Score

7.5

EPSS Score

0.007

Published

2007-04-24

Page 1

Vulnerabilities

Vulnerable Software

Dmcms: >> Dmcms Security Vulnerabilities

Products

Pricing

Contact Us