PHP-Nuke DownloadsPlus Module - Arbitrary File Upload Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28919/info The DownloadsPlus module for PHP-Nuke is prone to a vulnerability that lets remote attackers upload and execute arbitrary code because the application fails to sanitize user-supplied input. This issue permits...

CVE-2008-4767

Unrestricted file upload vulnerability in the DownloadsPlus module in PHP-Nuke allows remote attackers to execute arbitrary code by uploading a file with 1 .htm, 2 .html, or 3 .txt extensions, then accessing it via a direct request to the file. NOTE: the provenance of this information is unknown;...

CVE-2008-4767

The CVE-2008-4767 entry describes an unrestricted file upload vulnerability in the DownloadsPlus module of PHP-Nuke. An attacker could upload a file with .htm, .html, or .txt extensions and then access it directly to trigger arbitrary code execution. The description notes uncertainty about how .h...

PHP-Nuke DownloadsPlus Module - Arbitrary File Upload

source: https://www.securityfocus.com/bid/28919/info The DownloadsPlus module for PHP-Nuke is prone to a vulnerability that lets remote attackers upload and execute arbitrary code because the application fails to sanitize user-supplied input. This issue permits attackers to upload arbitrary files...

PHP-Nuke DownloadsPlus Module - Arbitrary File Upload

PHP-Nuke DownloadsPlus Module - Arbitrary File Upload source: https://www.securityfocus.com/bid/28919/info The DownloadsPlus module for PHP-Nuke is prone to a vulnerability that lets remote attackers upload and execute arbitrary code because the application fails to sanitize user-supplied input...