Vulnerabilities > CVE-2005-3021 - File-Upload vulnerability in vBulletin

CVSS 2.1 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

local

low complexity

jelsoft

NVD

Published: 2005-09-21

Updated: 2017-07-11

Summary

image.php in vBulletin 3.0.9 and earlier allows remote attackers with access to the administrator panel to upload arbitrary files via the upload action.

Vulnerable Configurations

Part	Description	Count
Application	Jelsoft Jelsoft Vbulletin 1.0.1 Jelsoft Vbulletin 2.0.3 Jelsoft Vbulletin 2.0_Rc2 Jelsoft Vbulletin 2.0_Rc3 Jelsoft Vbulletin 2.2.0 Jelsoft Vbulletin 2.2.1 Jelsoft Vbulletin 2.2.2 Jelsoft Vbulletin 2.2.3 Jelsoft Vbulletin 2.2.4 Jelsoft Vbulletin 2.2.5 Jelsoft Vbulletin 2.2.6 Jelsoft Vbulletin 2.2.7 Jelsoft Vbulletin 2.2.8 Jelsoft Vbulletin 2.2.9 Jelsoft Vbulletin 2.3.0 Jelsoft Vbulletin 2.3.2 Jelsoft Vbulletin 2.3.3 Jelsoft Vbulletin 2.3.4 Jelsoft Vbulletin 3.0 Jelsoft Vbulletin 3.0.1 Jelsoft Vbulletin 3.0.2 Jelsoft Vbulletin 3.0.3 Jelsoft Vbulletin 3.0.4 Jelsoft Vbulletin 3.0.5 Jelsoft Vbulletin 3.0.6 Jelsoft Vbulletin 3.0.7 Jelsoft Vbulletin 3.0.8 Jelsoft Vbulletin 3.0.9 Jelsoft Vbulletin 3.0_Beta_2 Jelsoft Vbulletin 3.0_Beta_3 Jelsoft Vbulletin 3.0_Beta_4 Jelsoft Vbulletin 3.0_Beta_5 Jelsoft Vbulletin 3.0_Beta_6 Jelsoft Vbulletin 3.0_Beta_7 Jelsoft Vbulletin 3.0_Gamma	35

Summary

Vulnerable Configurations

References