CVE-2008-2920

EUVD-2008-2913
admin/filemanager/ (aka the File Manager) in EZTechhelp EZCMS 1.2 and earlier does not require authentication, which allows remote attackers to create, modify, read, and delete files.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 90%
Affected Products (NVD)
VendorProductVersion
ezcmseztechhelp_ezcms
𝑥
≤ 1.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://ezcms.eztechhelp.com/index.php?page=3&nid=27
http://www.securityfocus.com/bid/29738
https://exchange.xforce.ibmcloud.com/vulnerabilities/43091
https://www.exploit-db.com/exploits/5819
http://ezcms.eztechhelp.com/index.php?page=3&nid=27
http://www.securityfocus.com/bid/29738
https://exchange.xforce.ibmcloud.com/vulnerabilities/43091
https://www.exploit-db.com/exploits/5819