Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-1552

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2003-1552
Last Modified 05 Sep 2008 04:37:13
Published 31 Dec 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2003-1552

Summary

Unrestricted file upload vulnerability in uploader.php in Uploader 1.1 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in uploads/.

Vulnerable Systems

Application

  • Graeme Uploader 1.1


References

XF - uploader-uploads-file-upload(11467)

BUGTRAQ - 20030304 uploader.php script

BUGTRAQ - 20030304 uploader.php vulnerability


Last Updated: 27 May 2016 10:38:24