PT-2004-2453 · Moniwiki+1

Published: 2004-12-31 · Updated: 2017-07-11 · CVE-2004-1545

CVSS v2.0: 5.0 (Medium)

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions

MoniWiki versions 1.0.9.2 and earlier

Description

The issue arises from improper handling of files with multiple extensions by UploadFile.php in MoniWiki when used in conjunction with Apache mod_mime. This allows remote attackers to upload files with names such as .php.hwp and execute arbitrary code.

Recommendations

For MoniWiki versions 1.0.9.2 and earlier, consider restricting or disabling the UploadFile.php functionality until a proper fix is applied to handle files with multiple extensions securely. Additionally, review and enforce strict file type validation and handling to prevent the upload and execution of malicious files.
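
The strict validation recommended above, as an added example that is not MoniWiki's own code: mod_mime looks at every dot-separated extension in a file name, not only the last, so the check below accepts exactly one allowlisted extension and stores the file under a server-generated name. The allowlist contents and the function names are assumptions.

```php
<?php
// Added example, not MoniWiki code. Allowlist and function names are assumptions.
const ALLOWED_EXTENSIONS = ['hwp', 'png', 'jpg', 'gif', 'txt', 'pdf'];

// Return the one allowlisted extension of a client-supplied name, or null to reject.
function checked_extension(string $clientName): ?string
{
    $parts = explode('.', strtolower($clientName));
    // Require exactly "base.ext": rejects x.php.hwp, .htaccess, "notes.txt." and
    // any other name that carries more than one extension.
    if (count($parts) !== 2 || $parts[0] === '') {
        return null;
    }
    return in_array($parts[1], ALLOWED_EXTENSIONS, true) ? $parts[1] : null;
}

// Name to store the upload under: the client's base name is discarded, so no
// extra extension or path component from the request ends up on disk.
function stored_name(string $clientName): ?string
{
    $ext = checked_extension($clientName);
    return $ext === null ? null : bin2hex(random_bytes(16)) . '.' . $ext;
}

// Constructed sample names.
foreach (['report.hwp', 'page.php.hwp', 'PAGE.PHP.HWP', '.htaccess', 'notes.txt.', 'photo.JPG'] as $name) {
    printf("%-14s => %s\n", $name, stored_name($name) ?? 'rejected');
}
```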

Fix

Related identifiers

CVE-2004-1545

Affected products

Apache Mod Mime
Moniwiki