CVE-2010-5091

SilverStripe <2.3.8, <2.4.1 - Authenticated RCE


Description

The setName function in filesystem/File.php in SilverStripe 2.3.x before 2.3.8 and 2.4.x before 2.4.1 allows remote authenticated users with CMS author privileges to execute arbitrary PHP code by changing the extension of an uploaded file.

References (8)

Core References
Mailing List (mailing-list, x_refsource_mlist): http://www.openwall.com/lists/oss-security/2012/05/01/3
Various Sources (x_refsource_misc): http://open.silverstripe.org/ticket/5693
Mailing List (mailing-list, x_refsource_mlist): http://www.openwall.com/lists/oss-security/2012/04/30/1
Mailing List (mailing-list, x_refsource_mlist): http://www.openwall.com/lists/oss-security/2012/04/30/3

Scores

EPSS 0.0137
EPSS Percentile 68.6%

Details

CWE CWE-94
Status published
Products (9)
silverstripe/silverstripe 2.3.0 (4 CPE variants)
silverstripe/silverstripe 2.3.1 (3 CPE variants)
silverstripe/silverstripe 2.3.2
silverstripe/silverstripe 2.3.3
silverstripe/silverstripe 2.3.4
silverstripe/silverstripe 2.3.5
silverstripe/silverstripe 2.3.6
silverstripe/silverstripe 2.3.7
silverstripe/silverstripe 2.4.0
Published Aug 26, 2012
Tracked Since Feb 18, 2026