CVE-2008-1866 - Vulnerability Details - OpenCVE

admin/modif_config.php in Blog Pixel Motion (aka PixelMotion) does not require admin authentication, which allows remote authenticated users to upload arbitrary PHP scripts in a ZIP archive, which is written to templateZip/ and then automatically extracted under templates/ for execution via a direct request.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Pixel Motion	Pixel Motion Blog

Configuration 1 [-]

cpe:2.3:a:pixel_motion:pixel_motion_blog:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://www.securityfocus.com/bid/28646
http://www.vupen.com/english/advisories/2008/1121/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/41670
https://www.exploit-db.com/exploits/5381

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2008-04-17T17:00:00

Updated: 2024-08-07T08:40:59.864Z

Reserved: 2008-04-17T00:00:00

Link: CVE-2008-1866

Vulnrichment

No data.

NVD

Status : Modified

Published: 2008-04-17T19:05:00.000

Modified: 2024-11-21T00:45:32.367

Link: CVE-2008-1866

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-04-06T00:00:00", "descriptions": [{"lang": "en", "value": "admin/modif_config.php in Blog Pixel Motion (aka PixelMotion) does not require admin authentication, which allows remote authenticated users to upload arbitrary PHP scripts in a ZIP archive, which is written to templateZip/ and then automatically extracted under templates/ for execution via a direct request."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-09-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "5381", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/5381"}, {"name": "blogpixelmotion-modifconfig-file-upload(41670)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41670"}, {"name": "28646", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/28646"}, {"name": "ADV-2008-1121", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/1121/references"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-1866", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "admin/modif_config.php in Blog Pixel Motion (aka PixelMotion) does not require admin authentication, which allows remote authenticated users to upload arbitrary PHP scripts in a ZIP archive, which is written to templateZip/ and then automatically extracted under templates/ for execution via a direct request."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "5381", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/5381"}, {"name": "blogpixelmotion-modifconfig-file-upload(41670)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41670"}, {"name": "28646", "refsource": "BID", "url": "http://www.securityfocus.com/bid/28646"}, {"name": "ADV-2008-1121", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/1121/references"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T08:40:59.864Z"}, "title": "CVE Program Container", "references": [{"name": "5381", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "https://www.exploit-db.com/exploits/5381"}, {"name": "blogpixelmotion-modifconfig-file-upload(41670)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41670"}, {"name": "28646", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/28646"}, {"name": "ADV-2008-1121", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/1121/references"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-1866", "datePublished": "2008-04-17T17:00:00", "dateReserved": "2008-04-17T00:00:00", "dateUpdated": "2024-08-07T08:40:59.864Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:pixel_motion:pixel_motion_blog:*:*:*:*:*:*:*:*", "matchCriteriaId": "10852BB8-8028-49C5-A40C-112190649BB1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "admin/modif_config.php in Blog Pixel Motion (aka PixelMotion) does not require admin authentication, which allows remote authenticated users to upload arbitrary PHP scripts in a ZIP archive, which is written to templateZip/ and then automatically extracted under templates/ for execution via a direct request."}, {"lang": "es", "value": "admin/modif_config.php en Blog Pixel Motion (tambi\u00e9n conocida como PixelMotion) no requiere autenticaci\u00f3n de admin, lo que permite a usuarios autenticados subir scripts PHP de su elecci\u00f3n en un archivo ZIP, el cual esta escrito en templateZip/ y luego autom\u00e1ticamente extraido bajo templates/ para ejecutarse mediante una petici\u00f3n directa."}], "id": "CVE-2008-1866", "lastModified": "2024-11-21T00:45:32.367", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2008-04-17T19:05:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/28646"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/1121/references"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41670"}, {"source": "cve@mitre.org", "url": "https://www.exploit-db.com/exploits/5381"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/28646"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/1121/references"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41670"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.exploit-db.com/exploits/5381"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-94"}], "source": "nvd@nist.gov", "type": "Primary"}]}