NVD

Id
13038  
Name
CVE-2010-1514  
Description
Unrestricted file upload vulnerability in TomatoCMS 2.0.6 and earlier allows remote authenticated users, with certain privileges, to execute arbitrary PHP code by uploading an image file, and then accessing it via a direct request to the file in an unspecified directory.  
Reject
 
CVSS Version
2  
CVSS Score
6  
Severity
Medium  
CVSS Base Score
6  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
6.8  
CVSS Vector
(AV:N/AC:M/Au:S/C:P/I:P/A:P)  
Pub Date
2017-01-18  
Published
2010-06-15  
Modified Date
2010-06-18  
Seq
2010-1514  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
72170 13038 CVE-2010-1514 http://holisticinfosec.org/content/view/148/45/  View
72171 13038 CVE-2010-1514 40544  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
39631 JVNDB-2010-005416 TomatoCMS における任意の PHP コードを実行される脆弱性 TomatoCMS は、無制限にファイルをアップロードする不備があるため、任意の PHP コードを実行される脆弱性が存在します。 CVE-2010-1514 44094 CVE-2010-1514 13038 6 http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-005416.html 2010-06-15 2012-12-20 View