CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2008-4428

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1210%
EPSS Percentile39.64th
Published2008年10月3日
Last Modified2026年4月23日

Vulnerability Description

Unrestricted file upload vulnerability in upload.php in Phlatline's Personal Information Manager (pPIM) 1.0 and earlier allows remote attackers to execute arbitrary code by uploading a .php file, then accessing it via a direct request to the file in the top-level directory.

Affected Platforms (CPE)

📦
Phlatline

Personal Information Manager

<= 1.0

References & Advisories

🔗 http://secunia.com/advisories/31424
🔗 http://securityreason.com/securityalert/4349
🔗 http://www.securityfocus.com/bid/30627
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/44390
🔗 https://www.exploit-db.com/exploits/6231
🔗 http://secunia.com/advisories/31424
🔗 http://securityreason.com/securityalert/4349
🔗 http://www.securityfocus.com/bid/30627

相關漏洞威脅

CVE-2019-111969.8

An authentication bypass vulnerability in all versions of ValuePLUS Integrated University Management System (IUMS) allows unauthen...

CVE-2016-06358.8

Unspecified vulnerability in the Enterprise Manager Ops Center component in Oracle Enterprise Manager Grid Control 12.1.4, 12.2.2,...

CVE-2008-44258.8

Directory traversal vulnerability in upload.php in Phlatline's Personal Information Manager (pPIM) 1.0 allows remote attackers to ...

CVE-2025-119598.1

Files or Directories Accessible to External Parties, Exposure of Private Personal Information to an Unauthorized Actor vulnerabili...