PT-2007-2933 · Phpx · Phpx

Published

2007-03-20

Updated

2018-10-16

CVE-2007-1549

CVSS v2.0

6.8

Medium

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions phpx version 3.5.15

Description The issue allows remote attackers to upload and execute arbitrary PHP scripts via an addImage action in the gallery.php file. This action places the uploaded scripts into the gallery/shelties/ directory.

Recommendations For phpx version 3.5.15, consider restricting access to the gallery.php file or disabling the addImage action to prevent the upload and execution of arbitrary PHP scripts until a patch is available.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2007-1549

Affected Products

Phpx

PT-2007-2933 · Phpx · Phpx

CVE-2007-1549

Related Identifiers

Affected Products

References · 5