Vulnerability Details CVE-2008-2920
admin/filemanager/ (aka the File Manager) in EZTechhelp EZCMS 1.2 and earlier does not require authentication, which allows remote attackers to create, modify, read, and delete files.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.061
EPSS Ranking 90.8%
CVSS Severity
CVSS v2 Score 7.5
References
- http://ezcms.eztechhelp.com/index.php?page=3&nid=27
- http://www.securityfocus.com/bid/29738
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43091
- https://www.exploit-db.com/exploits/5819
- http://ezcms.eztechhelp.com/index.php?page=3&nid=27
- http://www.securityfocus.com/bid/29738
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43091
- https://www.exploit-db.com/exploits/5819
Products affected by CVE-2008-2920
-
cpe:2.3:a:ezcms:eztechhelp_ezcms:*