CVE-2008-2267

NONECVSS 0.0

0.0

Incomplete blacklist vulnerability in javaUpload.php in Postlet in the FileManager module in CMS Made Simple 1.2.4 and earlier allows remote attackers to execute arbitrary code by uploading a file with a name ending in (1) .jsp, (2) .php3, (3) .cgi, (4) .dhtml, (5) .phtml, (6) .php5, or (7) .jar, then accessing it via a direct request to the file in modules/FileManager/postlet/.

🔗 References (12)

cve@mitrehttp://blog.cmsmadesimple.org/2008/05/12/announcing-cms-made-simple-125/
cve@mitrehttp://secunia.com/advisories/30208
cve@mitrehttp://www.attrition.org/pipermail/vim/2008-May/001978.html
cve@mitrehttp://www.securityfocus.com/bid/29170
cve@mitrehttps://exchange.xforce.ibmcloud.com/vulnerabilities/42371
cve@mitrehttps://www.exploit-db.com/exploits/5600
af854a3a-2127-422b-91ae-364da2661108http://blog.cmsmadesimple.org/2008/05/12/announcing-cms-made-simple-125/
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/30208
af854a3a-2127-422b-91ae-364da2661108http://www.attrition.org/pipermail/vim/2008-May/001978.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/29170
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/42371
af854a3a-2127-422b-91ae-364da2661108https://www.exploit-db.com/exploits/5600

Is Your Infrastructure Affected by CVE-2008-2267?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2008-2267

📅 Published

🔄 Last Modified

🔗 References (12)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2008-2267?