Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-6684


Vulnerability Score 6.8 6.8
CVE Id CVE-2008-6684
Last Modified 13 Apr 2009 12:00:00
Published 10 Apr 2009 06:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE



Unrestricted file upload vulnerability in editimage.php in Apartment Search Script allows remote attackers to execute arbitrary code by uploading a file with an executable extension and a GIF header, then accessing this file via a direct request to a renamed file in Member_Admin/logo/.

Vulnerable Systems


  • Yourfreeworld Apartment Search Script


XF - apartment-listtesst-file-upload(46283)

BID - 32065

MILW0RM - 6956

Last Updated: 27 May 2016 10:49:17