Unrestricted file upload vulnerability in image_upload.php in the SimpleBoard (com_simpleboard) component 1.0.1 and earlier for Mambo allows remote attackers to execute arbitrary code by uploading a file with an executable extension and an image/jpeg content type, then accessing this file via a direct request to the file in components/com_simpleboard/, a different vulnerability than CVE-2006-3528.
CPE | Name | Operator | Version |
---|---|---|---|
com_simpleboard | le | 1.0.1 | |
com_simpleboard | eq | 0.9 | |
com_simpleboard | eq | 0.9.1 | |
com_simpleboard | eq | 0.9.2 | |
com_simpleboard | eq | 1.0 rc2 | |
com_simpleboard | eq | 1.0 rc1 | |
com_simpleboard | eq | 1.0 rc3 |