CVE

Id
34483  
CVE No.
CVE-2008-4366  
Status
Candidate  
Description
Unrestricted file upload vulnerability in the image upload component in Camera Life 2.6.2b4 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in a user directory under images/photos/upload.  
Phase
Assigned (20080930)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
377788 34483 CVE-2008-4366 MILW0RM:6594  View
377789 34483 CVE-2008-4366 URL:http://www.milw0rm.com/exploits/6594  View
377790 34483 CVE-2008-4366 BID:31456  View
377791 34483 CVE-2008-4366 URL:http://www.securityfocus.com/bid/31456  View
377792 34483 CVE-2008-4366 SREASON:4344  View
377793 34483 CVE-2008-4366 URL:http://securityreason.com/securityalert/4344  View
377794 34483 CVE-2008-4366 XF:cameralife-image-file-upload(45492)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
48176 JVNDB-2008-003486 Availscript Photo Album におけるクロスサイトスクリプティングの脆弱性 Availscript Photo Album には、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2008-4370 34483 4.3 http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-003486.html  View