7 matches found
EUVD-2015-3057
Malware in sbrugna...
LEMON-S PHP Gazou BBS plus Arbitrary File Upload Vulnerability
LEMON-S PHP Gazou BBS plus is a free PHP-based electronic bulletin board system BBS. A security vulnerability exists in LEMON-S PHP Gazou BBS plus 2.35 and earlier versions. The vulnerability can be exploited by remote attackers to upload arbitrary HTML documents using specially crafted image fil...
CVE-2015-2974
LEMON-S PHP Gazou BBS plus before 2.36 allows remote attackers to upload arbitrary HTML documents via vectors involving a crafted image file...
Design/Logic Flaw
LEMON-S PHP Gazou BBS plus before 2.36 allows remote attackers to upload arbitrary HTML documents via vectors involving a crafted image file...
CVE-2015-2974
Gazou BBS plus (LEMON-S PHP) prior to version 2.36 is affected by a vulnerability in file upload processing that allows remote attackers to upload arbitrary HTML documents via specially crafted image files. Exploitation details are consistent across multiple sources (CNVD/NVD/JVN). The impact is ...
Gazou BBS plus vulnerability in file upload processing
Overview Gazou BBS plus provided by LEMON-S PHP contains a vulnerability in the processing of file uploads. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An image file may be specially crafted t...
JVN#86680970: Gazou BBS plus vulnerability in file upload processing
Gazou BBS plus provided by LEMON-S PHP contains a vulnerability in the processing of file uploads. Impact An image file may be specially crafted to upload arbitrary HTML files. Solution Apply an Update Apply the update according to the information provided by the provider. Products Affected Gazou...