CVE

Id
28758  
CVE No.
CVE-2007-5401  
Status
Candidate  
Description
Unrestricted file upload vulnerability in uploadrequest.asp in Layton HelpBox 3.7.1 allows remote authenticated users to upload and execute arbitrary ASP files, related to not properly checking file extensions.  
Phase
Assigned (20071012)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
300916 28758 CVE-2007-5401 MISC:http://secunia.com/secunia_research/2007-94/advisory/  View
300917 28758 CVE-2007-5401 BID:27187  View
300918 28758 CVE-2007-5401 URL:http://www.securityfocus.com/bid/27187  View
300919 28758 CVE-2007-5401 SECUNIA:27699  View
300920 28758 CVE-2007-5401 URL:http://secunia.com/advisories/27699  View
300921 28758 CVE-2007-5401 XF:helpbox-uploadrequest-file-upload(39536)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
48538 JVNDB-2008-003848 Layton HelpBox におけるクロスサイトスクリプティングの脆弱性 Layton HelpBox には、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2007-5403 28758 3.5 http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-003848.html  View