Vulnerabilities > CVE-2015-0877 - Remote Code Execution vulnerability in C-Board Moyuku Project C-Board Moyuku 1.01/1.02/1.03

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
c-board-moyuku-project
NVD
Published: 2015-04-06
Updated: 2015-04-06

Summary

Unrestricted file upload vulnerability in app/lib/mlf.pl in C-BOARD Moyuku before 1.03b3 allows remote attackers to execute arbitrary code by uploading a file with a \0 character in its name. <a href="http://cwe.mitre.org/data/definitions/434.html">CWE-434: Unrestricted Upload of File with Dangerous Type</a>

Vulnerable Configurations

Part Description Count
Application
C-Board_Moyuku_Project
8

References