Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-7157


Vulnerability Score 6.8 6.8
CVE Id CVE-2008-7157
Last Modified 09 Sep 2009 12:00:00
Published 02 Sep 2009 01:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE



Unrestricted file upload vulnerability in EkinBoard 1.1.0 and earlier allows remote attackers to execute arbitrary code by uploading an avatar file with an executable extension followed by a safe extension, then accessing it via a direct request to the file in uploaded/avatars/.

Vulnerable Systems


  • Ekinboard 1.1.0


XF - ekinboard-upload-file-upload(39507)

BID - 27166

MILW0RM - 4859

Last Updated: 27 May 2016 10:49:29