Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5733

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2007-5733
Last Modified 15 Nov 2008 02:02:01
Published 30 Oct 2007 07:46:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-5733

Summary

Unrestricted file upload vulnerability in upload/upload.php in Japanese PHP Gallery Hosting, when Open directory mode is enabled, allows remote attackers to upload and execute arbitrary PHP code via a ServerPath parameter specifying a filename with a double extension. NOTE: some of these details are obtained from third party information.

Vulnerable Systems

Application

  • Japanese Php Gallery Hosting


References

BID - 26179

BUGTRAQ - 20071023 [Vulz] Japanese PHP Gallery Hosting File Upload Vulz

OSVDB - 39015

SREASON - 3322


Last Updated: 27 May 2016 10:46:15