2 matches found
CVE-2007-1032
Summary: CVE-2007-1032 affects phpMyFAQ 1.6.9 and earlier. The issue allows a remote attacker to upload files with the web server’s privileges when PHP register_globals is enabled. The vulnerability is triggered via scripts in the admin area (admin/attachment.php and admin/editor/plugins/ImageMan...
phpMyFAQ < 1.6.10 Multiple Script Arbitrary File Upload
The installation of phpMyFAQ on the remote host allows for bypassing authentication or escalating privileges via the 'admin/attachment.php' and 'admin/editor/plugins/ImageManager/images.php' scripts. By leveraging these issues, a remote attacker can upload files, possibly even containing arbitrar...