CVE-2008-0233

EUVD-2008-0245
Unrestricted file upload vulnerability in Zero CMS 1.0 Alpha and earlier allows remote attackers to bypass intended access restrictions and upload and execute arbitrary files by uploading an avatar file with an accepted Content-Type such as image/jpeg.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 84%
Affected Products (NVD)
VendorProductVersion
zero_cmszero_cms
1.0_alpha:_alpha
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://packetstormsecurity.org/0801-exploits/zerocms-sql.txt
https://www.exploit-db.com/exploits/4864
http://packetstormsecurity.org/0801-exploits/zerocms-sql.txt
https://www.exploit-db.com/exploits/4864