Информационная безопасность
[RU] switch to English


CVECVE-2007-1097
СтатусCandidate
ОписаниеUnrestricted file upload vulnerability in the onAttachFiles function in the upload tool (inc/lib/attachment.lib.php) in Wiclear before 0.11.1 allows remote attackers to upload and execute arbitrary PHP code via unspecified vectors related to filename validation.  NOTE: some details were obtained from third party information.
Важность
High
CVSS score7
CVSS vector(AV:R/AC:L/Au:NR/C:P/I:P/A:P/B:N)
PhaseAssigned (26.02.2007)
NVD:http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-1097
ReferencesSECUNIA : 24286
 FRSIRT : ADV-2007-0792
 CONFIRM : http://wiclear.free.fr/?Download
 XF : wiclear-onattachfiles-file-upload(32757)
SecurityVulns:Ежедневная сводка ошибок в Web-приложениях (PHP, ASP, JSP, CGI, Perl )
О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород