2 matches found
CVE-2007-5071
CVE-2007-5071 is an incomplete blacklist vulnerability in Simple PHP Blog. The flaw lies in upload_img_cgi.php on versions before 0.5.1, allowing remote attackers to upload dangerous files (e.g., PHP files or .htaccess) and execute arbitrary code, demonstrated by such filenames. This describes a ...
CVE-2007-5071
Incomplete blacklist vulnerability in uploadimgcgi.php in Simple PHP Blog before 0.5.1 allows remote attackers to upload dangerous files and execute arbitrary code, as demonstrated by a filename ending in .php. or a .htaccess file, a different vector than CVE-2005-2733. NOTE: the vulnerability wa...