Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-4422

Overview

Vulnerability Score 6.5 6.5
CVE Id CVE-2005-4422
Last Modified 05 Sep 2008 04:56:50
Published 20 Dec 2005 06:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2005-4422

Summary

Unrestricted file upload vulnerability in toendaCMS before 0.6.2 Stable allows remote authenticated administrators to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in data/images/albums.

Vulnerable Systems

Application

  • Toenda Software Development Toendacms 0.6.1


References

BID - 15351

BUGTRAQ - 20051107 SEC Consult SA-20051107-0 :: toendaCMS multiple vulnerabilites

SECUNIA - 17471

MISC - http://www.toenda.com/de/data/files/Software/toendaCMS_Version_0.6.0_Stable/toendaCMS_0.6.2.1_Stable.zip


Last Updated: 27 May 2016 10:41:18