CVE-2008-5677 (GCVE-0-2008-5677)
Vulnerability from cvelistv5 – Published: 2008-12-18 22:00 – Updated: 2024-08-07 11:04
VLAI?
Summary
Unrestricted file upload vulnerability in Kwalbum 2.0.4, 2.0.2, and earlier, when PICS_PATH is located in the web root, allows remote authenticated users with upload capability to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file under items/, related to the ReplaceBadFilenameChars function in include/ItemAdder.php. NOTE: some of these details are obtained from third party information.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Date Public ?
2008-10-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T11:04:44.353Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "4789",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/4789"
},
{
"name": "31568",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31568"
},
{
"name": "32145",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32145"
},
{
"name": "6664",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/6664"
},
{
"name": "kwalbum-file-upload(45655)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45655"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-10-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unrestricted file upload vulnerability in Kwalbum 2.0.4, 2.0.2, and earlier, when PICS_PATH is located in the web root, allows remote authenticated users with upload capability to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file under items/, related to the ReplaceBadFilenameChars function in include/ItemAdder.php. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "4789",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/4789"
},
{
"name": "31568",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31568"
},
{
"name": "32145",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32145"
},
{
"name": "6664",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/6664"
},
{
"name": "kwalbum-file-upload(45655)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45655"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-5677",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unrestricted file upload vulnerability in Kwalbum 2.0.4, 2.0.2, and earlier, when PICS_PATH is located in the web root, allows remote authenticated users with upload capability to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file under items/, related to the ReplaceBadFilenameChars function in include/ItemAdder.php. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "4789",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4789"
},
{
"name": "31568",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31568"
},
{
"name": "32145",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32145"
},
{
"name": "6664",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/6664"
},
{
"name": "kwalbum-file-upload(45655)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45655"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-5677",
"datePublished": "2008-12-18T22:00:00.000Z",
"dateReserved": "2008-12-18T00:00:00.000Z",
"dateUpdated": "2024-08-07T11:04:44.353Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2008-5677",
"date": "2026-04-25",
"epss": "0.03972",
"percentile": "0.88419"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:kwalbum:kwalbum:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"2.0.2\", \"matchCriteriaId\": \"E0E0029E-1244-4E27-836D-BCBCA768DAA0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:kwalbum:kwalbum:0.5.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6A628EE1-AAA1-4EFF-A5CA-0F2E81DC2082\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:kwalbum:kwalbum:0.5.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"073E7663-63C2-4007-9CA3-B92265FB1378\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:kwalbum:kwalbum:0.5.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CD12A1D9-BE75-4210-A6A8-68A3086823CE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:kwalbum:kwalbum:0.5.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"30A9933C-B569-4E0D-B3C8-47DDA0E22182\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:kwalbum:kwalbum:0.5.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4EF6BC38-51AD-46AF-8DFD-C8117BA19C6B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:kwalbum:kwalbum:0.5.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4CCC1058-CA0E-4AE5-A408-6AE34E81AC01\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:kwalbum:kwalbum:0.5.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7A0E6708-38A4-4DAE-810E-4C943BD822D8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:kwalbum:kwalbum:0.5.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D7362D30-E1F5-4470-B02B-5DFC6ACA6ECF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:kwalbum:kwalbum:0.5.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6830C8C8-65C7-4888-8C8A-E58D625F418E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:kwalbum:kwalbum:0.5.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"174BFF63-F9C6-4FEC-948E-B05CAAD8904E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:kwalbum:kwalbum:0.5.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1B90ED9D-1EFD-40DC-A583-FF624792B125\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:kwalbum:kwalbum:0.6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D4F54D5D-6680-4CCC-B33B-039C98BC36B2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:kwalbum:kwalbum:0.6.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"48AA41B6-DA32-40E1-B1F3-99699153270B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:kwalbum:kwalbum:0.6.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"841FE026-D523-4679-A6FC-F9D13FC76DD5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:kwalbum:kwalbum:0.6.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E21537AA-D4AA-472C-96B5-76A16B6777BC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:kwalbum:kwalbum:0.6.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DFDF0EE8-AB3A-4BA3-87AC-7CFBAC15B234\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:kwalbum:kwalbum:0.6.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"285FE067-C167-429A-B740-50BAF88B6B83\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:kwalbum:kwalbum:0.6.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2663EBA5-C63B-4430-8ADC-641A3BAF97AB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:kwalbum:kwalbum:0.6.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5CAEFE8B-4BA9-4934-8063-A4CDF1DCB180\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:kwalbum:kwalbum:0.6.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4C061092-8B15-40EA-A2F5-0BEDCE88DCC4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:kwalbum:kwalbum:0.6.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"07113ADE-C57F-4CD3-A903-53D17457277B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:kwalbum:kwalbum:0.6.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EECF6339-2DB1-410C-ACCA-CEDD4574FAD8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:kwalbum:kwalbum:0.6.13:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CC7CCE33-F7FE-4EA7-903F-29D3CC86FA23\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:kwalbum:kwalbum:0.6.14:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"64817FF9-8C02-4273-B78E-9A119A3EE3FA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:kwalbum:kwalbum:0.6.15:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6C57F9F8-A12B-4354-AFDF-8A2B3CCC0567\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:kwalbum:kwalbum:0.6.16:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ACDBEF2D-EBCB-411B-9592-28542ACD3D22\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:kwalbum:kwalbum:0.7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"676C76F3-F31B-4E44-AB4D-BD24039B9111\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:kwalbum:kwalbum:0.7.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"395A69AC-C27C-45D9-B783-C9FF536640E8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:kwalbum:kwalbum:0.8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E20C19E4-B9F9-4E69-A166-670389CDA2E5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:kwalbum:kwalbum:0.9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E4E402E9-9E46-459A-8941-B699E2F0E789\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:kwalbum:kwalbum:0.9.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"069380E9-147A-44CB-AD96-C8E842CCA2B3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:kwalbum:kwalbum:0.9.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"90752D3F-37FA-43A5-B126-61BE98C661C3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:kwalbum:kwalbum:0.9.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0178BB51-DF79-49D3-8CE3-B79035C5C062\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:kwalbum:kwalbum:0.9.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F287A989-BDE9-41DB-9593-98F024296500\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:kwalbum:kwalbum:1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F38A2B47-5301-44AD-954C-DC7EA02C0CA8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:kwalbum:kwalbum:2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"770A30DB-C653-4998-9B77-2D7B04B78D5C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:kwalbum:kwalbum:2.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D0CD5333-882B-4B9C-AB3B-F9EE06CC5D55\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:kwalbum:kwalbum:2.0.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8E8A3F7D-E2A4-4542-AA9E-09495A91FFA3\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Unrestricted file upload vulnerability in Kwalbum 2.0.4, 2.0.2, and earlier, when PICS_PATH is located in the web root, allows remote authenticated users with upload capability to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file under items/, related to the ReplaceBadFilenameChars function in include/ItemAdder.php. NOTE: some of these details are obtained from third party information.\"}, {\"lang\": \"es\", \"value\": \"Vulnerabilidad de subida de fichero no restringida en Kwalbum v2.0.4, v2.0.2 y anteriores cuando PICS_PATH esta localizado en el directorio ra\\u00edz de la web, permite a usuarios remotos autenticados con capacidad de subida, ejecutar c\\u00f3digo a su elecci\\u00f3n mediante la subida de un fichero con una extensi\\u00f3n ejecutable, entonces se accede al fichero a trav\\u00e9s de una petici\\u00f3n items/, relacionado con la funcion ReplaceBadFilenameChars en include/ItemAdder.php. NOTA: Algunos detalles se han obtenido a trav\\u00e9s de informaci\\u00f3n de terceros.\"}]",
"id": "CVE-2008-5677",
"lastModified": "2024-11-21T00:54:37.310",
"metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:H/Au:S/C:C/I:C/A:C\", \"baseScore\": 7.1, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"HIGH\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 3.9, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2008-12-19T01:52:58.030",
"references": "[{\"url\": \"http://secunia.com/advisories/32145\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://securityreason.com/securityalert/4789\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/31568\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/45655\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://www.exploit-db.com/exploits/6664\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/32145\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://securityreason.com/securityalert/4789\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/31568\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/45655\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.exploit-db.com/exploits/6664\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2008-5677\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2008-12-19T01:52:58.030\",\"lastModified\":\"2026-04-23T00:35:47.467\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Unrestricted file upload vulnerability in Kwalbum 2.0.4, 2.0.2, and earlier, when PICS_PATH is located in the web root, allows remote authenticated users with upload capability to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file under items/, related to the ReplaceBadFilenameChars function in include/ItemAdder.php. NOTE: some of these details are obtained from third party information.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad de subida de fichero no restringida en Kwalbum v2.0.4, v2.0.2 y anteriores cuando PICS_PATH esta localizado en el directorio ra\u00edz de la web, permite a usuarios remotos autenticados con capacidad de subida, ejecutar c\u00f3digo a su elecci\u00f3n mediante la subida de un fichero con una extensi\u00f3n ejecutable, entonces se accede al fichero a trav\u00e9s de una petici\u00f3n items/, relacionado con la funcion ReplaceBadFilenameChars en include/ItemAdder.php. NOTA: Algunos detalles se han obtenido a trav\u00e9s de informaci\u00f3n de terceros.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:H/Au:S/C:C/I:C/A:C\",\"baseScore\":7.1,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"HIGH\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":3.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kwalbum:kwalbum:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2.0.2\",\"matchCriteriaId\":\"E0E0029E-1244-4E27-836D-BCBCA768DAA0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kwalbum:kwalbum:0.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A628EE1-AAA1-4EFF-A5CA-0F2E81DC2082\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kwalbum:kwalbum:0.5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"073E7663-63C2-4007-9CA3-B92265FB1378\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kwalbum:kwalbum:0.5.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CD12A1D9-BE75-4210-A6A8-68A3086823CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kwalbum:kwalbum:0.5.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"30A9933C-B569-4E0D-B3C8-47DDA0E22182\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kwalbum:kwalbum:0.5.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4EF6BC38-51AD-46AF-8DFD-C8117BA19C6B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kwalbum:kwalbum:0.5.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4CCC1058-CA0E-4AE5-A408-6AE34E81AC01\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kwalbum:kwalbum:0.5.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7A0E6708-38A4-4DAE-810E-4C943BD822D8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kwalbum:kwalbum:0.5.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D7362D30-E1F5-4470-B02B-5DFC6ACA6ECF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kwalbum:kwalbum:0.5.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6830C8C8-65C7-4888-8C8A-E58D625F418E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kwalbum:kwalbum:0.5.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"174BFF63-F9C6-4FEC-948E-B05CAAD8904E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kwalbum:kwalbum:0.5.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B90ED9D-1EFD-40DC-A583-FF624792B125\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kwalbum:kwalbum:0.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D4F54D5D-6680-4CCC-B33B-039C98BC36B2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kwalbum:kwalbum:0.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48AA41B6-DA32-40E1-B1F3-99699153270B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kwalbum:kwalbum:0.6.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"841FE026-D523-4679-A6FC-F9D13FC76DD5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kwalbum:kwalbum:0.6.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E21537AA-D4AA-472C-96B5-76A16B6777BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kwalbum:kwalbum:0.6.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DFDF0EE8-AB3A-4BA3-87AC-7CFBAC15B234\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kwalbum:kwalbum:0.6.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"285FE067-C167-429A-B740-50BAF88B6B83\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kwalbum:kwalbum:0.6.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2663EBA5-C63B-4430-8ADC-641A3BAF97AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kwalbum:kwalbum:0.6.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5CAEFE8B-4BA9-4934-8063-A4CDF1DCB180\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kwalbum:kwalbum:0.6.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C061092-8B15-40EA-A2F5-0BEDCE88DCC4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kwalbum:kwalbum:0.6.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07113ADE-C57F-4CD3-A903-53D17457277B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kwalbum:kwalbum:0.6.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EECF6339-2DB1-410C-ACCA-CEDD4574FAD8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kwalbum:kwalbum:0.6.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC7CCE33-F7FE-4EA7-903F-29D3CC86FA23\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kwalbum:kwalbum:0.6.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"64817FF9-8C02-4273-B78E-9A119A3EE3FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kwalbum:kwalbum:0.6.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6C57F9F8-A12B-4354-AFDF-8A2B3CCC0567\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kwalbum:kwalbum:0.6.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ACDBEF2D-EBCB-411B-9592-28542ACD3D22\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kwalbum:kwalbum:0.7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"676C76F3-F31B-4E44-AB4D-BD24039B9111\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kwalbum:kwalbum:0.7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"395A69AC-C27C-45D9-B783-C9FF536640E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kwalbum:kwalbum:0.8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E20C19E4-B9F9-4E69-A166-670389CDA2E5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kwalbum:kwalbum:0.9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E4E402E9-9E46-459A-8941-B699E2F0E789\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kwalbum:kwalbum:0.9.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"069380E9-147A-44CB-AD96-C8E842CCA2B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kwalbum:kwalbum:0.9.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"90752D3F-37FA-43A5-B126-61BE98C661C3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kwalbum:kwalbum:0.9.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0178BB51-DF79-49D3-8CE3-B79035C5C062\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kwalbum:kwalbum:0.9.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F287A989-BDE9-41DB-9593-98F024296500\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kwalbum:kwalbum:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F38A2B47-5301-44AD-954C-DC7EA02C0CA8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kwalbum:kwalbum:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"770A30DB-C653-4998-9B77-2D7B04B78D5C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kwalbum:kwalbum:2.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0CD5333-882B-4B9C-AB3B-F9EE06CC5D55\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:kwalbum:kwalbum:2.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E8A3F7D-E2A4-4542-AA9E-09495A91FFA3\"}]}]}],\"references\":[{\"url\":\"http://secunia.com/advisories/32145\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securityreason.com/securityalert/4789\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/31568\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/45655\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.exploit-db.com/exploits/6664\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/32145\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://securityreason.com/securityalert/4789\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/31568\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/45655\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.exploit-db.com/exploits/6664\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…