CVE Vulnerabilities

CVE-2007-5230

Published: Oct 05, 2007 | Modified: Nov 21, 2024
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

admin/upload_files.php in Zomplog 3.8.1 and earlier does not check for administrative credentials, which allows remote attackers to perform administrative actions via a direct request. NOTE: this can be leveraged for code execution by exploiting CVE-2007-5231.

Affected Software

Name Vendor Start Version End Version
Zomplog Zomplog 3.7 (including) 3.7 (including)
Zomplog Zomplog 3.7.6 (including) 3.7.6 (including)
Zomplog Zomplog 3.8 (including) 3.8 (including)
Zomplog Zomplog 3.8.1 (including) 3.8.1 (including)

References