CVE-2015-0126

IBM Leads 7.x, 8.1.0 before 8.1.0.14, 8.2, 8.5.0 before 8.5.0.7.3, 8.6.0 before 8.6.0.8.1, 9.0.0 through 9.0.0.4, 9.1.0 before 9.1.0.6.1, and 9.1.1 before 9.1.1.0.2 allows remote authenticated users to bypass intended file-upload restrictions via a modified extension.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:S/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
ibmleads
7.1.0
ibmleads
7.1.1
ibmleads
7.5.0
ibmleads
8.1.0
ibmleads
8.2.0
ibmleads
8.5.0
ibmleads
8.6.0
ibmleads
9.0.0
ibmleads
9.1.0
ibmleads
9.1.1
𝑥
= Vulnerable software versions
References
http://www-01.ibm.com/support/docview.wss?uid=swg21902807
http://www-01.ibm.com/support/docview.wss?uid=swg21902807