CVE-2015-2974
Severity CVSS v4.0:
Pending analysis
Type:
CWE-20
Input Validation
Publication date:
29/07/2015
Last modified:
29/07/2015
Description
LEMON-S PHP Gazou BBS plus before 2.36 allows remote attackers to upload arbitrary HTML documents via vectors involving a crafted image file.
Impact
Base Score 2.0
5.00
Severity 2.0
MEDIUM
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:a:lemon-s_php:gazou_bbs_plus:*:*:*:*:*:*:*:* | 2.35 (including) |
To consult the complete list of CPE names with products and versions, see this page