Unrestricted file upload vulnerability in signup.php in e107 0.7.8 and previous versions, when photograph upload is enabled, allows remote malicious users to upload and execute arbitrary PHP code via a filename with a double extension such as .php.jpg.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
e107 e107 0.7.6 |
||
e107 e107 0.7.7 |
||
e107 e107 0.7 |
||
e107 e107 0.7.1 |
||
e107 e107 0.7.8 |
||
e107 e107 0.7.4 |
||
e107 e107 0.7.5 |
||
e107 e107 0.7.2 |
||
e107 e107 0.7.3 |