Vulnerability Description
Cross-site request forgery (CSRF) vulnerability in the Email-Template module in Generic YouTube Clone Script allows remote attackers to upload files with arbitrary file types to templates/emails/ as administrators.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Generic Youtube Clone Script | Generic Youtube Clone Script | All versions |
Related Weaknesses (CWE)
References
- http://chxsecurity.org/advisories/adv-2-mid.txt
- http://osvdb.org/38692
- http://securityreason.com/securityalert/2896
- http://www.securityfocus.com/archive/1/473192/100/0/threaded
- http://chxsecurity.org/advisories/adv-2-mid.txt
- http://osvdb.org/38692
- http://securityreason.com/securityalert/2896
- http://www.securityfocus.com/archive/1/473192/100/0/threaded
FAQ
What is CVE-2007-3773?
CVE-2007-3773 is a vulnerability with a CVSS score of 9.3 (HIGH). Cross-site request forgery (CSRF) vulnerability in the Email-Template module in Generic YouTube Clone Script allows remote attackers to upload files with arbitrary file types to templates/emails/ as a...
How severe is CVE-2007-3773?
CVE-2007-3773 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-3773?
Check the references section above for vendor advisories and patch information. Affected products include: Generic Youtube Clone Script Generic Youtube Clone Script.