Lucene search
PRIOn knowledge basePRION:CVE-2007-2025HistoryApr 13, 2007 - 6:19 p.m.
Unrestricted file upload
2007-04-1318:19:00
PRIOn knowledge base
www.prio-n.com
1
Unrestricted file upload vulnerability in the UpLoad feature (lib/plugin/UpLoad.php) in PhpWiki 1.3.11p1 allows remote attackers to upload arbitrary PHP files with a double extension, as demonstrated by .php.3, which is interpreted by Apache as being a valid PHP file.
References
secunia.com/advisories/25307
secunia.com/advisories/26784
www.debian.org/security/2007/dsa-1371
www.gentoo.org/security/en/glsa/glsa-200705-16.xml
www.nabble.com/Important-UpLoad-security-fix%21-was--Fwd%3A--phpwiki---Open-Discussion--RE%3A-upload-security-risk--t3543463.html
sourceforge.net/forum/message.php?msg_id=4249177
Related
cve
cve
CVE-2007-2025
2007-04-13 18:19:00
cvelist
cvelist
CVE-2007-2025
2007-04-13 18:00:00
ubuntucve
ubuntucve
CVE-2007-2025
2007-04-13 00:00:00
nvd
nvd
CVE-2007-2025
2007-04-13 18:19:00
openvas
openvas
Gentoo Security Advisory GLSA 200705-16 (phpwiki)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200705-16 (phpwiki)
2008-09-24 00:00:00
Debian Security Advisory DSA 1371-1 (phpwiki)
2008-01-17 00:00:00
gentoo
gentoo
PhpWiki: Remote execution of arbitrary code
2007-05-17 00:00:00
nessus
nessus
GLSA-200705-16 : PhpWiki: Remote execution of arbitrary code
2007-05-20 00:00:00
Debian DSA-1371-1 : phpwiki - several vulnerabilities
2007-09-14 00:00:00
debian
debian
[SECURITY] [DSA 1371-1] New phpwiki packages fix several vulnerabilities
2007-09-11 18:46:30
osv
osv
phpwiki - several vulnerabilities
2007-09-11 00:00:00
securityvulns
securityvulns