PT-2002-2481 · Phprojekt · Phprojekt

Published

2002-12-31

Updated

2017-07-12

CVE-2002-1759

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions PHProjekt versions 2.0 through 3.1

Description The issue concerns the upload function, which does not properly verify certain variables related to uploaded data. This allows remote attackers to cause PHProjekt to process arbitrary files.

Recommendations For PHProjekt versions 2.0 through 3.1, consider disabling the upload function until a patch is available to prevent remote attackers from processing arbitrary files.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2002-1759

Affected Products

Phprojekt

PT-2002-2481 · Phprojekt · Phprojekt

CVE-2002-1759

Related Identifiers

Affected Products

References · 4