Vulnerabilities

CVE-2007-1639

by Fred · 23/03/2007

Unrestricted file upload vulnerability in PHProjekt 5.2.0, when magic_quotes_gpc is disabled, allows remote authenticated users to upload and execute arbitrary PHP code via a file with an executable extension, which is then accessed by the (1) calendar or (2) file management module, or possibly unspecified other files.

Date published : 2007-03-23

http://www.securityfocus.com/bid/22956

http://www.securityfocus.com/archive/1/462785/100/100/threaded

Similar

Tags: Cybersecurity Alert