Unrestricted File Upload Vulnerability in Zeeways ZEEPROPERTY by Zeeways
CVE-2008-6914

Currently unrated

Key Information:

Vendor

Zeeways

Status
Zeeproperty
Vendor
CVE Published:
7 August 2009

Badges

๐Ÿ‘พ Exploit Exists

What is CVE-2008-6914?

The ZEEPROPERTY application version 1.0 contains an unrestricted file upload vulnerability in the viewprofile.php script. This flaw allows authenticated remote users to upload files with executable extensions as profile images. Such a file can later be executed by directly accessing it through the companylogo/ directory, potentially leading to remote code execution and unauthorized access to the system.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/46503
vdb-entryx_refsource_XF
https://www.exploit-db.com/exploits/7058
exploitx_refsource_EXPLOIT-DB
http://www.securityfocus.com/bid/32224
vdb-entryx_refsource_BID

EPSS Score

6% chance of being exploited in the next 30 days.

Timeline

  • ๐ŸŸก

    Public PoC available

  • ๐Ÿ‘พ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

JSON
.