CVE

Id
36609  
CVE No.
CVE-2008-6492  
Status
Candidate  
Description
Unrestricted file upload vulnerability in process.php in Tizag Countdown Creator 3 allows remote attackers to execute arbitrary code by uploading a file with an executable extension via index.php, then accessing the uploaded file via a direct request to the file in pics/. NOTE: some of these details are obtained from third party information.  
Phase
Assigned (20090319)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
399400 36609 CVE-2008-6492 MILW0RM:7354  View
399401 36609 CVE-2008-6492 URL:http://www.milw0rm.com/exploits/7354  View
399402 36609 CVE-2008-6492 BID:32661  View
399403 36609 CVE-2008-6492 URL:http://www.securityfocus.com/bid/32661  View
399404 36609 CVE-2008-6492 OSVDB:51305  View
399405 36609 CVE-2008-6492 URL:http://osvdb.org/51305  View
399406 36609 CVE-2008-6492 SECUNIA:33007  View
399407 36609 CVE-2008-6492 URL:http://secunia.com/advisories/33007  View
399408 36609 CVE-2008-6492 XF:countdowncreator-process-file-upload(47129)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
44487 JVNDB-2009-005494 VISAGESOFT eXPert PDF EditorX の VSPDFEditorX.VSPDFEdit ActiveX コントロールにおける任意のファイルを作成される脆弱性 VISAGESOFT eXPert PDF EditorX の VSPDFEditorX.ocx の VSPDFEditorX.VSPDFEdit ActiveX コントロールには、安全でないメソッドにより、任意のファイルを作成される、または上書きされる脆弱性が存在します。 CVE-2008-6496 36609 8.8 http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-005494.html  View