Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1958

Overview

Vulnerability Score 6.5 6.5
CVE Id CVE-2008-1958
Last Modified 05 Sep 2008 05:39:11
Published 25 Apr 2008 03:05:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2008-1958

Summary

Unrestricted file upload vulnerability in the ajout_cat mode in admin/main.php in Tr Script News 2.1 allows remote authenticated users to execute arbitrary code by uploading a file with a .php extension.

Vulnerable Systems

Application

  • Easyscripts Tr Script News 2.1


References

MILW0RM - 5483

SECUNIA - 29814

XF - trscriptnews-main-file-upload(41953)


Last Updated: 27 May 2016 10:47:42