Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 12/02/2007 Updated: 16/10/2018

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Unrestricted file upload vulnerability in eXtremePow eXtreme File Hosting allows remote malicious users to upload arbitrary PHP code via a filename with a double extension such as (1) .rar.php or (2) .zip.php.

Vulnerable Product	Search on Vulmon	Subscribe to Product
extremepow extreme file hosting

source: wwwsecurityfocuscom/bid/22498/info eXtreme File Hosting is prone to an arbitrary file-upload vulnerability because it fails to sufficiently sanitize user-supplied input Exploiting this issue could allow an attacker to upload and execute arbitrary PHP script code in the context of the affected webserver process This may help the ...

NVD-CWE-Other http://www.securityfocus.com/bid/22498 http://secunia.com/advisories/24088 http://securityreason.com/securityalert/2231 http://osvdb.org/33181 https://exchange.xforce.ibmcloud.com/vulnerabilities/32435 http://www.securityfocus.com/archive/1/459562/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/29574/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2007-0871

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect