CVE

Id
24228  
CVE No.
CVE-2007-0871  
Status
Candidate  
Description
Unrestricted file upload vulnerability in eXtremePow eXtreme File Hosting allows remote attackers to upload arbitrary PHP code via a filename with a double extension such as (1) .rar.php or (2) .zip.php.  
Phase
Assigned (20070212)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
237233 24228 CVE-2007-0871 BUGTRAQ:20070209 eXtreme File Hosting remote file upload vulnerability  View
237234 24228 CVE-2007-0871 URL:http://www.securityfocus.com/archive/1/archive/1/459562/100/0/threaded  View
237235 24228 CVE-2007-0871 BID:22498  View
237236 24228 CVE-2007-0871 URL:http://www.securityfocus.com/bid/22498  View
237237 24228 CVE-2007-0871 OSVDB:33181  View
237238 24228 CVE-2007-0871 URL:http://osvdb.org/33181  View
237239 24228 CVE-2007-0871 SECUNIA:24088  View
237240 24228 CVE-2007-0871 URL:http://secunia.com/advisories/24088  View
237241 24228 CVE-2007-0871 SREASON:2231  View
237242 24228 CVE-2007-0871 URL:http://securityreason.com/securityalert/2231  View
237243 24228 CVE-2007-0871 XF:extremefilehosting-compressed-file-upload(32435)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
54668 JVNDB-2007-003360 nabopoll における認証を回避される脆弱性 nabopoll には、認証を回避される、および特定の管理機能にアクセスされる脆弱性が存在します。 CVE-2007-0873 24228 7.5 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-003360.html  View