CyberSec.Space Logo
Back to CVE Browser

CVE-2014-0468

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0810%
EPSS Percentile21.17th
PublishedJun 26, 2025
Last ModifiedAug 6, 2025

Vulnerability Description

Vulnerability in fusionforge in the shipped Apache configuration, where the web server may execute scripts that the users would have uploaded in their raw SCM repositories (SVN, Git, Bzr...). This issue affects fusionforge: before 5.3+20140506.

Affected Platforms (CPE)

📦
Fusionforge

Fusionforge

< 5.3\+20140506.

References & Advisories

🔗 http://lists.fusionforge.org/pipermail/fusionforge-general/2014-March/002645.html
🔗 https://web.archive.org/web/20151019035734/http://lists.fusionforge.org/pipermail/fusionforge-general/2014-March/002645.html

Related Vulnerabilities

CVE-2015-085010.0

The Git plugin for FusionForge before 6.0rc4 allows remote attackers to execute arbitrary code via an unspecified parameter when c...

CVE-2013-14236.9

(1) contrib/gforge-3.0-cronjobs.patch, (2) cronjobs/homedirs.php, (3) deb-specific/fileforge.pl, (4) deb-specific/group_dump_updat...

CVE-2014-62755.9

FusionForge before 5.3.2 use scripts that run under the shared Apache user, which is also used by project homepages by default. If...

CVE-2014-049810.0

Stack-based buffer overflow in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Ma...