Vulnerability Description
Jetbox One 2.0.8 and possibly other versions allow remote attackers with Author privileges in the IMAGES module to upload PHP files and execute arbitrary code.
CVSS Score
4.6
MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Jetbox | Jetbox One Cms | 2.0.8 |
References
- http://echo.or.id/adv/adv03-y3dips-2004.txtExploit
- http://secunia.com/advisories/12230/
- http://www.kb.cert.org/vuls/id/417408Third Party AdvisoryUS Government Resource
- http://www.securityfocus.com/archive/1/370852Exploit
- http://www.securityfocus.com/bid/10859
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16900
- http://echo.or.id/adv/adv03-y3dips-2004.txtExploit
- http://secunia.com/advisories/12230/
- http://www.kb.cert.org/vuls/id/417408Third Party AdvisoryUS Government Resource
- http://www.securityfocus.com/archive/1/370852Exploit
- http://www.securityfocus.com/bid/10859
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16900
FAQ
What is CVE-2004-1448?
CVE-2004-1448 is a vulnerability with a CVSS score of 4.6 (MEDIUM). Jetbox One 2.0.8 and possibly other versions allow remote attackers with Author privileges in the IMAGES module to upload PHP files and execute arbitrary code.
How severe is CVE-2004-1448?
CVE-2004-1448 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-1448?
Check the references section above for vendor advisories and patch information. Affected products include: Jetbox Jetbox One Cms.