Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-6822


Vulnerability Score 7.5 7.5
CVE Id CVE-2008-6822
Last Modified 11 Jun 2009 12:00:00
Published 04 Jun 2009 12:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



Unrestricted file upload vulnerability in uploadp.php in New Earth Programming Team (NEPT) imgupload (aka Image Uploader) 1.0 allows remote attackers to execute arbitrary code by uploading a file with an executable extension and a modified content type, then accessing this file via a direct request, as demonstrated by an upload with an image/jpeg content type. NOTE: some of these details are obtained from third party information.

Vulnerable Systems


  • Newearthpt Imgupload 1.0


XF - imgupload-uploadp-file-upload(46089)

BID - 31909

MILW0RM - 6830

SECUNIA - 32412

OSVDB - 49428

Last Updated: 27 May 2016 10:49:21