Unrestricted file upload vulnerability in admin/upload_files.php in Zomplog 3.8.1 and previous versions allows remote authenticated administrators to upload and execute arbitrary .php files by sending a modified MIME type. NOTE: this can be exploited by unauthenticated attackers by leveraging CVE-2007-5230.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
zomplog zomplog 3.8 |
||
zomplog zomplog 3.8.1 |
||
zomplog zomplog 3.7 |
||
zomplog zomplog 3.7.6 |