{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T08:16:36.902","vulnerabilities":[{"cve":{"id":"CVE-2008-1230","sourceIdentifier":"cve@mitre.org","published":"2008-03-10T17:44:00.000","lastModified":"2025-04-09T00:30:58.490","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Unrestricted file upload vulnerability in JSPWiki 2.4.104 and 2.5.139 allows remote attackers to upload and execute arbitrary .jsp files via an unspecified manipulation that attaches a .jsp file to an \"entry page.\""},{"lang":"es","value":"Vulnerabilidad de subidas de archivos sin restringir en JSPWiki 2.4.104  y 2.5.139, permite a atacantes remotos subir y ejecutar archivos .jsp a través de una manipulación no especificada que adjunta el archivo .jsp a una \"entry page\"."}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:C/I:C/A:C","baseScore":9.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.6,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-264"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:jspwiki:jspwiki:2.4.104:*:*:*:*:*:*:*","matchCriteriaId":"16A83901-3F2B-47D1-8D6E-A88A4F5427CD"},{"vulnerable":true,"criteria":"cpe:2.3:a:jspwiki:jspwiki:2.5.139:*:*:*:*:*:*:*","matchCriteriaId":"6F4F141F-86C3-4A32-BC12-10BCB25501C3"},{"vulnerable":true,"criteria":"cpe:2.3:a:jspwiki:jspwiki:2.5.139_beta:*:*:*:*:*:*:*","matchCriteriaId":"0AAE134F-D5A8-4E2B-8EF4-6113867D63D6"}]}]}],"references":[{"url":"http://marc.info/?l=bugtraq&m=120300554011544&w=2","source":"cve@mitre.org","tags":["Exploit"]},{"url":"http://secunia.com/advisories/28969","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"http://www.bugsec.com/articles.php?Security=48&Web-Application-Firewall=0","source":"cve@mitre.org"},{"url":"http://www.securityfocus.com/bid/27785","source":"cve@mitre.org","tags":["Exploit"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/40511","source":"cve@mitre.org"},{"url":"https://www.exploit-db.com/exploits/5112","source":"cve@mitre.org"},{"url":"http://marc.info/?l=bugtraq&m=120300554011544&w=2","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"http://secunia.com/advisories/28969","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"http://www.bugsec.com/articles.php?Security=48&Web-Application-Firewall=0","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/bid/27785","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit"]},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/40511","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.exploit-db.com/exploits/5112","source":"af854a3a-2127-422b-91ae-364da2661108"}],"evaluatorSolution":"Reference links suggest possible solution upgrade to latest version (2.6.1) at:\r\nhttp://www.jspwiki.org/wiki/JSPWikiDownload"}}]}