CVE-2007-1129

2007-02-27T02:28:00
ID CVE-2007-1129
Type cve
Reporter cve@mitre.org
Modified 2018-10-16T16:36:00

Description

Multiple unrestricted file upload vulnerabilities in MTCMS 3.2 allow remote attackers to upload and execute files via (1) an avatar upload in an add_down action, or (2) an add_link action. Per: http://cwe.mitre.org/data/definitions/434.html 'CWE-434: Unrestricted Upload of File with Dangerous Type'