CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2014-0468

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0810%
EPSS Percentile21.17th
Published2025年6月26日
Last Modified2025年8月6日

Vulnerability Description

Vulnerability in fusionforge in the shipped Apache configuration, where the web server may execute scripts that the users would have uploaded in their raw SCM repositories (SVN, Git, Bzr...). This issue affects fusionforge: before 5.3+20140506.

Affected Platforms (CPE)

📦
Fusionforge

Fusionforge

< 5.3\+20140506.

References & Advisories

🔗 http://lists.fusionforge.org/pipermail/fusionforge-general/2014-March/002645.html
🔗 https://web.archive.org/web/20151019035734/http://lists.fusionforge.org/pipermail/fusionforge-general/2014-March/002645.html

相關漏洞威脅

CVE-2015-085010.0

The Git plugin for FusionForge before 6.0rc4 allows remote attackers to execute arbitrary code via an unspecified parameter when c...

CVE-2013-14236.9

(1) contrib/gforge-3.0-cronjobs.patch, (2) cronjobs/homedirs.php, (3) deb-specific/fileforge.pl, (4) deb-specific/group_dump_updat...

CVE-2014-62755.9

FusionForge before 5.3.2 use scripts that run under the shared Apache user, which is also used by project homepages by default. If...

CVE-2014-052310.0

Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code...