Vulnerabilities > CVE-2010-0279 - Unspecified vulnerability in Bts-Gi.Net Read Excel 1.1
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN bts-gi-net
exploit available
Summary
Unrestricted file upload vulnerability in upload.php in BTS-GI Read excel 1.1 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified directory. NOTE: some of these details are obtained from third party information.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | Read Excel Script v1.1 Shell Upload Vulnerability. CVE-2010-0279. Webapps exploit for php platform |
| file | exploits/php/webapps/11057.txt |
| id | EDB-ID:11057 |
| last seen | 2016-02-01 |
| modified | 2010-01-07 |
| platform | php |
| port | |
| published | 2010-01-07 |
| reporter | Yozgat.Us |
| source | https://www.exploit-db.com/download/11057/ |
| title | Read Excel Script 1.1 - Shell Upload Vulnerability |
| type | webapps |
References
- http://osvdb.org/61579
- http://osvdb.org/61579
- http://secunia.com/advisories/38083
- http://secunia.com/advisories/38083
- http://www.exploit-db.com/exploits/11057
- http://www.exploit-db.com/exploits/11057
- https://exchange.xforce.ibmcloud.com/vulnerabilities/55462
- https://exchange.xforce.ibmcloud.com/vulnerabilities/55462