Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4262

Overview

Vulnerability Score 8.5 8.5
CVE Id CVE-2007-4262
Last Modified 05 Sep 2008 05:27:48
Published 08 Aug 2007 07:17:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication SINGLE_INSTANCE

CVE-2007-4262

Summary

Unrestricted file upload vulnerability in EZPhotoSales 1.9.3 and earlier allows remote authenticated administrators to upload and execute arbitrary PHP code under OnlineViewing/galleries/.

Vulnerable Systems

Application

  • Ez Photo Sales 1.9.3


References

BUGTRAQ - 20070806 EZPhotoSales 1.9.3 Multiple Vulnerabilities

MISC - http://www.informit.com/guides/content.asp?g=security&seqNum=268

MISC - http://www.informit.com/guides/content.asp?g=security&seqNum=267

MISC - http://www.airscanner.com/security/07080601_ezphotosales.htm

BID - 25323

SREASON - 2985

SECUNIA - 26341


Last Updated: 27 May 2016 10:45:49