Uploadscript Uploadimage vulnerabilities
2 known vulnerabilities affecting uploadscript/uploadimage.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1
Vulnerabilities
Page 1 of 1
CVE-2008-0246P3CRITICALCVSS 10.0PoCv1.02008-01-12
CVE-2008-0246 [CRITICAL] CWE-264 CVE-2008-0246: admin.php in UploadScript 1.0 does not check for the original password before making a change to a n
admin.php in UploadScript 1.0 does not check for the original password before making a change to a new password, which allows remote attackers to gain administrator privileges via the pass parameter in a nopass (Set Password) action.
nvd
CVE-2008-0245P3HIGHCVSS 7.5PoCv1.02008-01-12
CVE-2008-0245 [HIGH] CWE-264 CVE-2008-0245: admin.php in UploadImage 1.0 does not check for the original password before making a change to a ne
admin.php in UploadImage 1.0 does not check for the original password before making a change to a new password, which allows remote attackers to gain administrator privileges via the pass parameter in a nopass (Set Password) action.
nvd