1. Home
  2. CVE Database
  3. CVE-2007-0972
HIGH · 7.5

CVE-2007-0972

Unrestricted file upload vulnerability in modules/emoticons.php in Jupiter CMS 1.1.5 allows remote attackers to upload arbitrary files by modifying the HTTP request to send an image content type, and ...

Vulnerability Description

Unrestricted file upload vulnerability in modules/emoticons.php in Jupiter CMS 1.1.5 allows remote attackers to upload arbitrary files by modifying the HTTP request to send an image content type, and to omit is_guest and is_user parameters. NOTE: this issue might be related to CVE-2006-4875.

CVSS Score

7.5

HIGH

AV:N/AC:L/Au:N/C:P/I:P/A:P
Confidentiality
PARTIAL
Integrity
PARTIAL
Availability
PARTIAL

Affected Products

VendorProductVersions
Jupiter CmsJupiter Cms1.1.5

References

FAQ

What is CVE-2007-0972?

CVE-2007-0972 is a vulnerability with a CVSS score of 7.5 (HIGH). Unrestricted file upload vulnerability in modules/emoticons.php in Jupiter CMS 1.1.5 allows remote attackers to upload arbitrary files by modifying the HTTP request to send an image content type, and ...

How severe is CVE-2007-0972?

CVE-2007-0972 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2007-0972?

Check the references section above for vendor advisories and patch information. Affected products include: Jupiter Cms Jupiter Cms.