CVE-2012-3572

Open Source Competency Center (OSCC) MyMeeting 3.0.1 and earlier, and MyMesyuarat 09b-1, does not properly verify uploaded documents, which allows remote authenticated users to execute arbitrary PHP code via a crafted document.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:S/C:P/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 61%
VendorProductVersion
osccmymeeting
𝑥
≤ 3.0.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://sourceforge.net/projects/mymesyuarat/files/mymesyuarat/mymesyuarat%20ver0.9b-2.zip/download
http://www.mycert.org.my/en/services/advisories/mycert/2012/main/detail/904/index.html
http://sourceforge.net/projects/mymesyuarat/files/mymesyuarat/mymesyuarat%20ver0.9b-2.zip/download
http://www.mycert.org.my/en/services/advisories/mycert/2012/main/detail/904/index.html