Lucene search
MitreCVELIST:CVE-2007-1255HistoryMar 03, 2007 - 8:00 p.m.
CVE-2007-1255
2007-03-0320:00:00
mitre
www.cve.org
4
Unrestricted file upload vulnerability in admin.bbcode.php in Connectix Boards 0.7 and earlier allows remote authenticated administrators to execute arbitrary PHP code by uploading a crafted GIF smiley image with a .php extension via the uploadimage parameter to admin.php, which can be later accessed via a direct request for the file in smileys/. NOTE: this can be leveraged with a separate SQL injection issue for remote unauthenticated attacks.
Related
nvd
nvd
CVE-2007-1255
2007-03-03 20:19:00
prion
prion
Unrestricted file upload
2007-03-03 20:19:00
cve
cve
CVE-2007-1255
2007-03-03 20:19:00
exploitdb
exploitdb
Connectix Boards 0.7 - 'p_skin' Multiple Vulnerabilities
2007-02-21 00:00:00
securityvulns
securityvulns