CVE-2002-1841

2005-06-2804:00:00

mitre

www.cve.org

AI Score

7.5

Confidence

High

EPSS

0.004

Percentile

72.9%

JSON

The document management module in NOLA 1.1.1 and 1.1.2 does not restrict the types of files that are uploaded, which allows remote attackers to upload and execute arbitrary PHP files with extensions such as .php4.

References

marc.info/?l=vuln-dev&m=102511114021370&w=2

marc.info/?l=vuln-dev&m=102520790718208&w=2

online.securityfocus.com/archive/1/280340

www.iss.net/security_center/static/9438.php

www.securityfocus.com/bid/5116