CVE-2007-6668

CVE-2007-6668 affects admin/uploadgames.php in MySpace Content Zone (MCZ) 3.x, where a missing requirement for administrative privileges enables remote attackers to upload arbitrary files (demonstrated with a .php file and a .php%00.jpeg). The connected records confirm the vulnerability’s existen...

CVE-2007-6668

admin/uploadgames.php in MySpace Content Zone MCZ 3.x does not require administrative privileges, which allows remote attackers to perform unrestricted file uploads, as demonstrated by uploading 1 a .php file and 2 a .php%00.jpeg file...