CVE-2008-7021 : Unrestricted file upload vulnerability in editlogo.php in AvailScript Jobs Porta

Unrestricted file upload vulnerability in editlogo.php in AvailScript Jobs Portal Script allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension as an image or logo, then accessing it via a direct request to the file in an unspecified directory.

Published 2009-08-21 14:30:00

Updated 2025-04-09 00:30:58

Source MITRE

View at NVD, CVE.org

Vulnerability category: Execute code

Products affected by CVE-2008-7021

Availscript » Jobs Portal Script » Version: N/A
cpe:2.3:a:availscript:jobs_portal_script:-:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2008-7021

EPSS FAQ

2.63%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 84 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2008-7021

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
6.0	MEDIUM	AV:N/AC:M/Au:S/C:P/I:P/A:P	6.8	6.4	NIST
Access Vector: Network Access Complexity: Medium Authentication: Single Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial

References for CVE-2008-7021

Jump to

Vulnerability Details : CVE-2008-7021

Products affected by CVE-2008-7021

Exploit prediction scoring system (EPSS) score for CVE-2008-7021

CVSS scores for CVE-2008-7021

References for CVE-2008-7021