Vulnerability Description
Unrestricted file upload vulnerability in uploadp.php in New Earth Programming Team (NEPT) imgupload (aka Image Uploader) 1.0 allows remote attackers to execute arbitrary code by uploading a file with an executable extension and a modified content type, then accessing this file via a direct request, as demonstrated by an upload with an image/jpeg content type. NOTE: some of these details are obtained from third party information.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Newearthpt | Imgupload | 1.0 |
References
- http://osvdb.org/49428
- http://secunia.com/advisories/32412Vendor Advisory
- http://www.securityfocus.com/bid/31909
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46089
- https://www.exploit-db.com/exploits/6830
- http://osvdb.org/49428
- http://secunia.com/advisories/32412Vendor Advisory
- http://www.securityfocus.com/bid/31909
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46089
- https://www.exploit-db.com/exploits/6830
FAQ
What is CVE-2008-6822?
CVE-2008-6822 is a vulnerability with a CVSS score of 7.5 (HIGH). Unrestricted file upload vulnerability in uploadp.php in New Earth Programming Team (NEPT) imgupload (aka Image Uploader) 1.0 allows remote attackers to execute arbitrary code by uploading a file with...
How severe is CVE-2008-6822?
CVE-2008-6822 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-6822?
Check the references section above for vendor advisories and patch information. Affected products include: Newearthpt Imgupload.