CVE

Id
26099  
CVE No.
CVE-2007-2742  
Status
Candidate  
Description
Unrestricted file upload vulnerability in labs.beffa.org w2box 4.0.0 Beta4 allows remote attackers to upload arbitrary PHP code via a filename with a double extension such as .php.jpg.  
Phase
Assigned (20070517)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
262549 26099 CVE-2007-2742 BUGTRAQ:20070514 ImI image file inclusion in script upload  View
262550 26099 CVE-2007-2742 URL:http://marc.info/?l=bugtraq&m=117924253030935&w=2  View
262551 26099 CVE-2007-2742 BID:23975  View
262552 26099 CVE-2007-2742 URL:http://www.securityfocus.com/bid/23975  View
262553 26099 CVE-2007-2742 OSVDB:36830  View
262554 26099 CVE-2007-2742 URL:http://osvdb.org/36830  View
262555 26099 CVE-2007-2742 XF:w2box-doubleextension-file-upload(34302)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
56891 JVNDB-2007-005583 PrecisionID_Barcode.dll の PrecisionID Barcode ActiveX コントロールにおけるスタックベースのバッファオーバーフローの脆弱性 PrecisionID_Barcode.dll の PrecisionID Barcode ActiveX コントロールには、スタックベースのバッファオーバーフローの脆弱性が存在します。 CVE-2007-2744 26099 7.5 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-005583.html  View