pphoto in Ariadne before 2.6 allows remote authenticated users with certain privileges to execute arbitrary shell commands via vectors related to PINP programs and the annotate command. NOTE: some of these details are obtained from third party information.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 00:58
Type | Values Removed | Values Added |
---|---|---|
References | () http://osvdb.org/43055 - | |
References | () http://secunia.com/advisories/29191 - Vendor Advisory | |
References | () http://www.ariadne-cms.org/download/changes/ - Patch | |
References | () http://www.securityfocus.com/bid/28093 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/40989 - |
Information
Published : 2009-08-31 10:30
Updated : 2024-11-21 00:58
NVD link : CVE-2008-7125
Mitre link : CVE-2008-7125
CVE.ORG link : CVE-2008-7125
JSON object : View
Products Affected
ariadne-cms
- ariadne_cms
CWE
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')