CVE-2015-0877

Severity

75%

Complexity

99%

Confidentiality

106%

CWE-434: Unrestricted Upload of File with Dangerous Type

Unrestricted file upload vulnerability in app/lib/mlf.pl in C-BOARD Moyuku before 1.03b3 allows remote attackers to execute arbitrary code by uploading a file with a \0 character in its name.

CWE-434: Unrestricted Upload of File with Dangerous Type

CVSS 2.0 Base Score 7.5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P).

Overview

Type

C-BOARD Moyuku

First reported 9 years ago

2015-04-06 01:59:00

Last updated 9 years ago

2015-04-06 16:55:00

Affected Software

C-BOARD Moyuku 1.01b1

1.01

C-BOARD Moyuku 1.01b2

1.01

C-BOARD Moyuku 1.01b3

1.01

C-BOARD Moyuku 1.01b4

1.01

C-BOARD Moyuku 1.01b6

1.01

C-BOARD Moyuku 1.02b1

1.02

C-BOARD Moyuku 1.03b1

1.03

References

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.

CVE-2015-0877

Severity

What is severity?

Complexity

What is complexity?

Confidentiality

What is confidentiality?

Overview

Type

First reported 9 years ago

Last updated 9 years ago

Affected Software

C-BOARD Moyuku 1.01b1

C-BOARD Moyuku 1.01b2

C-BOARD Moyuku 1.01b3

C-BOARD Moyuku 1.01b4

C-BOARD Moyuku 1.01b6

C-BOARD Moyuku 1.02b1

C-BOARD Moyuku 1.03b1

References

JVN#73261710

JVNDB-2015-000018

http://sourceforge.jp/projects/cb-moyuku/news/

Stay updated

Get in touch