CVE

Id
28588  
CVE No.
CVE-2007-5231  
Status
Candidate  
Description
Unrestricted file upload vulnerability in admin/upload_files.php in Zomplog 3.8.1 and earlier allows remote authenticated administrators to upload and execute arbitrary .php files by sending a modified MIME type. NOTE: this can be exploited by unauthenticated attackers by leveraging CVE-2007-5230.  
Phase
Assigned (20071005)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
297229 28588 CVE-2007-5231 MILW0RM:4466  View
297230 28588 CVE-2007-5231 URL:http://milw0rm.com/exploits/4466  View
297231 28588 CVE-2007-5231 BID:25861  View
297232 28588 CVE-2007-5231 URL:http://www.securityfocus.com/bid/25861  View
297233 28588 CVE-2007-5231 SECUNIA:27028  View
297234 28588 CVE-2007-5231 URL:http://secunia.com/advisories/27028  View
297235 28588 CVE-2007-5231 XF:zomplog-uploadfiles-file-upload(36872)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
54041 JVNDB-2007-002733 Web Template Management System の index.php における SQL インジェクションの脆弱性 Web Template Management System の index.php には、SQL インジェクションの脆弱性が存在します。 CVE-2007-5233 28588 7.5 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-002733.html  View