Input validation

2006-05-1200:02:00

PRIOn knowledge base

www.prio-n.com

7.2 High

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

75.9%

JSON

PHP-Fusion 6.00.306 and earlier, running under Apache HTTP Server 1.3.27 and PHP 4.3.3, allows remote authenticated users to upload files of arbitrary types using a filename that contains two or more extensions that ends in an assumed-valid extension such as .gif, which bypasses the validation, as demonstrated by uploading then executing an avatar file that ends in “.php.gif” and contains PHP code in EXIF metadata.

CPENameOperatorVersion
php_fusioneq6.00.105
php_fusioneq6.00.106
php_fusioneq6.00.107
php_fusioneq6.00.303
php_fusioneq6.00.3
php_fusioneq6.00.306
php_fusioneq6.00.304
php_fusioneq6.00.110
php_fusioneq6.00.109
php_fusioneq6.00.206

Name	Operator	Version
php_fusion	eq	6.00.105
php_fusion	eq	6.00.106
php_fusion	eq	6.00.107
php_fusion	eq	6.00.303
php_fusion	eq	6.00.3
php_fusion	eq	6.00.306
php_fusion	eq	6.00.304
php_fusion	eq	6.00.110
php_fusion	eq	6.00.109
php_fusion	eq	6.00.206

Rows per page:

1-10 of 111

References

secunia.com/advisories/19992

securityreason.com/securityalert/873

www.osvdb.org/25537

www.php-fusion.co.uk/news.php

www.securityfocus.com/archive/1/433277/100/0/threaded

www.securityfocus.com/bid/17898

www.vupen.com/english/advisories/2006/1735

exchange.xforce.ibmcloud.com/vulnerabilities/26388