Back to search
CVE-2007-3018
Published: Jul 17, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
activeWeb contentserver CMS before 5.6.2964 does not limit the file-creation ability of editors who have restricted accounts, which allows these editors to create files in arbitrary directories.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
24900
vdb-entry
x_refsource_BID
39746
vdb-entry
x_refsource_OSVDB
20070713 ActiveWeb Contentserver CMS Editor Permission Settings Problem
mailing-list
x_refsource_BUGTRAQ
activeweb-editor-insecure-permissions(35400)
vdb-entry
x_refsource_XF
2899
third-party-advisory
x_refsource_SREASON
http://www.redteam-pentesting.de/advisories/rt-sa-2007-007.php
x_refsource_MISC
26063
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now