PT-2007-5698 · Phphq.Net · Phphq.Net Phuploader

Publicado

2007-08-25

Atualizado

2008-11-15

CVE-2007-4527

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions phphq.Net phUploader version 1.2

Description The issue concerns an unrestricted file upload vulnerability in the phUploader.php file. This allows remote attackers to upload and execute arbitrary code. The exact vectors used for the attack are not specified.

Recommendations For version 1.2, consider restricting or disabling the file upload functionality in phUploader.php until a fix is available. As a temporary workaround, restrict access to the phUploader.php file to minimize the risk of exploitation.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2007-4527

Produtos afetados

Phphq.Net Phuploader

PT-2007-5698 · Phphq.Net · Phphq.Net Phuploader

CVE-2007-4527

Identificadores relacionados

Produtos afetados

Referências · 4