KEVIntel
PRO Back to KEVs
6.8
CVSS
Medium

CVE-2012-6498

PUBLISHED

Unrestricted file upload vulnerability in index.php in Atomymaxsite 2.5 and earlier allows remote attackers to execute arbitrary code by uploading...

Exploited in the wild Remote
Vendor
Atomymaxsite
Product
Atomymaxsite
Published
Jan 08, 2013
EPSS

Automate this intelligence with the Pro API

Everything on this page — CVSS, EPSS, exploit status, PoCs, scanner integrations, mentions, tags, and immediate honeypot data — is available programmatically for VM, SOC, and CTI workflows.

Learn about Pro

Description

Unrestricted file upload vulnerability in index.php in Atomymaxsite 2.5 and earlier allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file, as exploited in the wild in October 2012.

php

CVSS scores

CVSS v2.0 6.8 Medium

AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitation status

Exploited in the wild

Recorded 2013-01-08 15:00:00 UTC · CVE

References

Known exploited vulnerability sources

Catalogues that list this CVE as a known exploited vulnerability.

Source Added
CVE First 2013-01-08 15:00 UTC

Timeline

  • CVE ID Reserved

  • CVE Published to Public

  • Added to KEVIntel