CVE-2005-3021

image.php in vBulletin 3.0.9 and earlier allows remote attackers with access to the administrator panel to upload arbitrary files via the upload action.

Published: Sep 22, 2005
Updated: Apr 13, 2023
CVE: CVE-2005-3021
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 2.1
AV:L/AC:L/Au:N/C:N/I:P/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
jelsoft / vbulletin	2.2.0	2.2.0.x
jelsoft / vbulletin	2.0_rc2	2.0_rc2.x
jelsoft / vbulletin	3.0.4	3.0.4.x
jelsoft / vbulletin	3.0_beta_6	3.0_beta_6.x
jelsoft / vbulletin	2.3.0	2.3.0.x
jelsoft / vbulletin	2.3.2	2.3.2.x
jelsoft / vbulletin	3.0.1	3.0.1.x
jelsoft / vbulletin	2.0_rc3	2.0_rc3.x
jelsoft / vbulletin	3.0.6	3.0.6.x
jelsoft / vbulletin	2.2.1	2.2.1.x
jelsoft / vbulletin	2.2.7	2.2.7.x
jelsoft / vbulletin	2.0.3	2.0.3.x
jelsoft / vbulletin	3.0_beta_7	3.0_beta_7.x
jelsoft / vbulletin	3.0.9	3.0.9.x
jelsoft / vbulletin	3.0_beta_3	3.0_beta_3.x
jelsoft / vbulletin	2.2.4	2.2.4.x
jelsoft / vbulletin	3.0_beta_2	3.0_beta_2.x
jelsoft / vbulletin	2.2.2	2.2.2.x
jelsoft / vbulletin	2.2.5	2.2.5.x
jelsoft / vbulletin	2.2.6	2.2.6.x
jelsoft / vbulletin	3.0.2	3.0.2.x
jelsoft / vbulletin	3.0_gamma	3.0_gamma.x
jelsoft / vbulletin	2.2.9	2.2.9.x
jelsoft / vbulletin	3.0.7	3.0.7.x
jelsoft / vbulletin	3.0.8	3.0.8.x
jelsoft / vbulletin	3.0_beta_4	3.0_beta_4.x
jelsoft / vbulletin	3.0.3	3.0.3.x
jelsoft / vbulletin	1.0.1	1.0.1.x
jelsoft / vbulletin	3.0.5	3.0.5.x
jelsoft / vbulletin	2.2.8	2.2.8.x
jelsoft / vbulletin	2.3.4	2.3.4.x
jelsoft / vbulletin	2.2.3	2.2.3.x
jelsoft / vbulletin	3.0	3.0.x
jelsoft / vbulletin	3.0_beta_5	3.0_beta_5.x
jelsoft / vbulletin	2.3.3	2.3.3.x

Vulnerability Database

CVE-2005-3021

Deep Security Visibility Without the Complexity