CyberSec.Space Logo
CVEブラウザに戻る

CVE-2014-0468

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0810%
EPSS Percentile21.17th
Published2025年6月26日
Last Modified2025年8月6日

Vulnerability Description

Vulnerability in fusionforge in the shipped Apache configuration, where the web server may execute scripts that the users would have uploaded in their raw SCM repositories (SVN, Git, Bzr...). This issue affects fusionforge: before 5.3+20140506.

Affected Platforms (CPE)

📦
Fusionforge

Fusionforge

< 5.3\+20140506.

References & Advisories

🔗 http://lists.fusionforge.org/pipermail/fusionforge-general/2014-March/002645.html
🔗 https://web.archive.org/web/20151019035734/http://lists.fusionforge.org/pipermail/fusionforge-general/2014-March/002645.html

関連する脆弱性情報

CVE-2015-085010.0

The Git plugin for FusionForge before 6.0rc4 allows remote attackers to execute arbitrary code via an unspecified parameter when c...

CVE-2013-14236.9

(1) contrib/gforge-3.0-cronjobs.patch, (2) cronjobs/homedirs.php, (3) deb-specific/fileforge.pl, (4) deb-specific/group_dump_updat...

CVE-2014-62755.9

FusionForge before 5.3.2 use scripts that run under the shared Apache user, which is also used by project homepages by default. If...

CVE-2014-049810.0

Stack-based buffer overflow in Adobe Flash Player before 11.7.700.269 and 11.8.x through 12.0.x before 12.0.0.70 on Windows and Ma...