CVE-2008-2742 - Vulnerability Details - OpenCVE

Unrestricted file upload in the mcpuk file editor (atk/attributes/fck/editor/filemanager/browser/mcpuk/connectors/php/config.php) in Achievo 1.2.0 through 1.3.2 allows remote attackers to execute arbitrary code by uploading a file with .php followed by a safe extension, then accessing it via a direct request to the file in the Achievo root directory. NOTE: this is only a vulnerability in environments that support multiple extensions, such as Apache with the mod_mime module enabled.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Achievo	Achievo

Configuration 1 [-]

OR	cpe:2.3:a:achievo:achievo:1.2.0:::::::*
	cpe:2.3:a:achievo:achievo:1.2.1:::::::*
	cpe:2.3:a:achievo:achievo:1.3.0:::::::*
	cpe:2.3:a:achievo:achievo:1.3.1:::::::*
	cpe:2.3:a:achievo:achievo:1.3.2:::::::*

No data.

References

Link	Providers
http://secunia.com/advisories/30597
http://www.achievo.org/blog/archives/631-Achievo-1.3.3-Security-Release.html
http://www.securityfocus.com/bid/29621
https://exchange.xforce.ibmcloud.com/vulnerabilities/42980
https://www.exploit-db.com/exploits/5770

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2008-06-17T15:00:00

Updated: 2024-08-07T09:14:15.208Z

Reserved: 2008-06-17T00:00:00

Link: CVE-2008-2742

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2008-06-17T15:41:00.000

Modified: 2025-04-09T00:30:58.490

Link: CVE-2008-2742

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-06-09T00:00:00", "descriptions": [{"lang": "en", "value": "Unrestricted file upload in the mcpuk file editor (atk/attributes/fck/editor/filemanager/browser/mcpuk/connectors/php/config.php) in Achievo 1.2.0 through 1.3.2 allows remote attackers to execute arbitrary code by uploading a file with .php followed by a safe extension, then accessing it via a direct request to the file in the Achievo root directory. NOTE: this is only a vulnerability in environments that support multiple extensions, such as Apache with the mod_mime module enabled."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-09-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.achievo.org/blog/archives/631-Achievo-1.3.3-Security-Release.html"}, {"name": "5770", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/5770"}, {"name": "achievo-config-file-upload(42980)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42980"}, {"name": "30597", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30597"}, {"name": "29621", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/29621"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-2742", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unrestricted file upload in the mcpuk file editor (atk/attributes/fck/editor/filemanager/browser/mcpuk/connectors/php/config.php) in Achievo 1.2.0 through 1.3.2 allows remote attackers to execute arbitrary code by uploading a file with .php followed by a safe extension, then accessing it via a direct request to the file in the Achievo root directory. NOTE: this is only a vulnerability in environments that support multiple extensions, such as Apache with the mod_mime module enabled."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.achievo.org/blog/archives/631-Achievo-1.3.3-Security-Release.html", "refsource": "CONFIRM", "url": "http://www.achievo.org/blog/archives/631-Achievo-1.3.3-Security-Release.html"}, {"name": "5770", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/5770"}, {"name": "achievo-config-file-upload(42980)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42980"}, {"name": "30597", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30597"}, {"name": "29621", "refsource": "BID", "url": "http://www.securityfocus.com/bid/29621"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T09:14:15.208Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.achievo.org/blog/archives/631-Achievo-1.3.3-Security-Release.html"}, {"name": "5770", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "https://www.exploit-db.com/exploits/5770"}, {"name": "achievo-config-file-upload(42980)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42980"}, {"name": "30597", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/30597"}, {"name": "29621", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/29621"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-2742", "datePublished": "2008-06-17T15:00:00", "dateReserved": "2008-06-17T00:00:00", "dateUpdated": "2024-08-07T09:14:15.208Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:achievo:achievo:1.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "8633CE2A-7814-4963-BB65-B4499BBA5186", "vulnerable": true}, {"criteria": "cpe:2.3:a:achievo:achievo:1.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "1B9C0B0D-5E4A-45BD-9150-90FC615357EC", "vulnerable": true}, {"criteria": "cpe:2.3:a:achievo:achievo:1.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "B835A00C-FFEA-4A88-ABD3-1C17A2FDC96F", "vulnerable": true}, {"criteria": "cpe:2.3:a:achievo:achievo:1.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "951EC99D-4FFB-4388-AAF0-84A60A67AC3B", "vulnerable": true}, {"criteria": "cpe:2.3:a:achievo:achievo:1.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "D901628D-D446-45EE-B131-EAA04D48A352", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Unrestricted file upload in the mcpuk file editor (atk/attributes/fck/editor/filemanager/browser/mcpuk/connectors/php/config.php) in Achievo 1.2.0 through 1.3.2 allows remote attackers to execute arbitrary code by uploading a file with .php followed by a safe extension, then accessing it via a direct request to the file in the Achievo root directory. NOTE: this is only a vulnerability in environments that support multiple extensions, such as Apache with the mod_mime module enabled."}, {"lang": "es", "value": "Vulnerabilidad de subida de fichero no restringido en el editor de ficheros mcpuk (atk/attributes/fck/editor/filemanager/browser/mcpuk/connectors/php/config.php) en Achievo 1.2.0 hasta 1.3.2, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n al subir un fichero con .php seguido de una extensi\u00f3n segura y luego accediendo a \u00e9l mediante una solicitud directa al fichero del directorio ra\u00edz de Achievo. NOTA: Se trata s\u00f3lo es una vulnerabilidad en entornos que soportan m\u00faltiples extensiones como Apache con el m\u00f3dulo mod_mime habilitado."}], "id": "CVE-2008-2742", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2008-06-17T15:41:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/30597"}, {"source": "cve@mitre.org", "url": "http://www.achievo.org/blog/archives/631-Achievo-1.3.3-Security-Release.html"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/29621"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42980"}, {"source": "cve@mitre.org", "url": "https://www.exploit-db.com/exploits/5770"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/30597"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.achievo.org/blog/archives/631-Achievo-1.3.3-Security-Release.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/29621"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42980"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.exploit-db.com/exploits/5770"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}