CVE-2010-1514 - Unrestricted file upload vulnerability in TomatoCMS 2.0.6 and earlier allows remote authenticated us

CVE-2010-1514

Summary

Unrestricted file upload vulnerability in TomatoCMS 2.0.6 and earlier allows remote authenticated users, with certain privileges, to execute arbitrary PHP code by uploading an image file, and then accessing it via a direct request to the file in an unspecified directory.

References

Vulnerable Configurations

cpe:2.3:a:tomatocms:tomatocms:2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:tomatocms:tomatocms:2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:tomatocms:tomatocms:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:tomatocms:tomatocms:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:tomatocms:tomatocms:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:tomatocms:tomatocms:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:tomatocms:tomatocms:2.0.3:*:*:*:*:*:*:*
cpe:2.3:a:tomatocms:tomatocms:2.0.3:*:*:*:*:*:*:*
cpe:2.3:a:tomatocms:tomatocms:2.0.3.1430:*:*:*:*:*:*:*
cpe:2.3:a:tomatocms:tomatocms:2.0.3.1430:*:*:*:*:*:*:*
cpe:2.3:a:tomatocms:tomatocms:2.0.3.1622:*:*:*:*:*:*:*
cpe:2.3:a:tomatocms:tomatocms:2.0.3.1622:*:*:*:*:*:*:*
cpe:2.3:a:tomatocms:tomatocms:2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:tomatocms:tomatocms:2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:tomatocms:tomatocms:2.0.5:*:*:*:*:*:*:*
cpe:2.3:a:tomatocms:tomatocms:2.0.5:*:*:*:*:*:*:*
cpe:2.3:a:tomatocms:tomatocms:*:*:*:*:*:*:*:*
cpe:2.3:a:tomatocms:tomatocms:*:*:*:*:*:*:*:*

CVSS

Base:	6.0 (as of 18-06-2010 - 04:00)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	SINGLE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:M/Au:S/C:P/I:P/A:P

refmap via4

bid	40544
misc	http://holisticinfosec.org/content/view/148/45/ http://secunia.com/secunia_research/2010-57/
secunia	39680

Last major update

18-06-2010 - 04:00

Published

15-06-2010 - 14:30

Last modified

18-06-2010 - 04:00