[Forgot Password]
Login  Register Subscribe

23631

 
 

126941

 
 

98250

 
 

909

 
 

79281

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2011-5136

Date: (C)2012-08-30   (M)2017-08-29 


showImg.php in EPractize Labs Subscription Manager, possibly 1.0, allows remote attackers to overwrite arbitrary files via the db parameter.

CVSS Score: 6.4Access Vector: NETWORK
Exploit Score: 10.0Access Complexity: LOW
Impact Score: 4.9Authentication: NONE
 Confidentiality: NONE
 Integrity: PARTIAL
 Availability: PARTIAL





Reference:
http://seclists.org/fulldisclosure/2011/Dec/125
SECUNIA-47072
OSVDB-77505
epractice-showimg-code-exec(71630)

CPE    1
cpe:/a:epractizelabs:subscription_manager:1.0
CWE    1
CWE-20

© 2013 SecPod Technologies