CVE-2007-2025

2007-04-13T18:19:00
ID CVE-2007-2025
Type cve
Reporter cve@mitre.org
Modified 2008-09-05T21:22:00

Description

Unrestricted file upload vulnerability in the UpLoad feature (lib/plugin/UpLoad.php) in PhpWiki 1.3.11p1 allows remote attackers to upload arbitrary PHP files with a double extension, as demonstrated by .php.3, which is interpreted by Apache as being a valid PHP file.