Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-7005

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2008-7005
Last Modified 19 Aug 2009 12:00:00
Published 19 Aug 2009 06:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-7005

Summary

include/modules/top/1-random_quote.php in Minb Is Not a Blog (minb) 0.1.0 allows remote attackers to execute arbitrary PHP code via the quotes_to_edit parameter. NOTE: this issue has been reported as an unrestricted file upload by some sources, but that is a potential consequence of code execution.

Vulnerable Systems

Application

  • Minb Is Not A Blog 0.1.0


References

XF - minb-randomquote-file-upload(45054)

BID - 31127

BUGTRAQ - 20080911 minb Remote Code Execution Exploit

MILW0RM - 6432

OSVDB - 51805


Last Updated: 27 May 2016 10:49:26