VYPR
Unrated severityNVD Advisory· Published Jun 15, 2010· Updated Jun 16, 2026

CVE-2010-1514

CVE-2010-1514

Description

Unrestricted file upload vulnerability in TomatoCMS 2.0.6 and earlier allows remote authenticated users, with certain privileges, to execute arbitrary PHP code by uploading an image file, and then accessing it via a direct request to the file in an unspecified directory.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

10
  • Tomatocms/Tomatocms10 versions
    cpe:2.3:a:tomatocms:tomatocms:*:*:*:*:*:*:*:*+ 9 more
    • cpe:2.3:a:tomatocms:tomatocms:*:*:*:*:*:*:*:*range: <=2.0.6
    • cpe:2.3:a:tomatocms:tomatocms:2.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:tomatocms:tomatocms:2.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:tomatocms:tomatocms:2.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:tomatocms:tomatocms:2.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:tomatocms:tomatocms:2.0.3.1430:*:*:*:*:*:*:*
    • cpe:2.3:a:tomatocms:tomatocms:2.0.3.1622:*:*:*:*:*:*:*
    • cpe:2.3:a:tomatocms:tomatocms:2.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:tomatocms:tomatocms:2.0.5:*:*:*:*:*:*:*
    • (no CPE)range: <=2.0.6

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.