Published: 03/10/2008 Updated: 29/09/2017

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 1000

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Subscribe to Personal Information Manager

Unrestricted file upload vulnerability in upload.php in Phlatline's Personal Information Manager (pPIM) 1.0 and previous versions allows remote malicious users to execute arbitrary code by uploading a .php file, then accessing it via a direct request to the file in the top-level directory.

Vulnerable Product	Search on Vulmon	Subscribe to Product
phlatline personal information manager

########################################################## #Author : BeyazKurt #Contact : Djm-sut@HotmailCom # #Script : Ppim v10 [Bu ne bicim script adidir amk :D ] #Download : scriptsringsworldcom/organizers/ppimzip # # D0rk : inurl:eventsphp?listallevents # # File Delete Vulnerability: uploadphp # # Example:creawebscommx/ ...

- -= pPIM Multiple Vulnerabilities =- Version Tested: pPIM 10 Vendor notified Full details can also be found at wwwlampsecurityorg/node/18 Author: Justin C Klein Keane <justin@madirishnet> Description pPIM (wwwphlatlineorg/indexphp?page=prod-ppim) is a Personal Information Management application written in PHP that c ...

Ppim <= 10 (upload/change password) Multiple Vulnerabilities cript : Ppim v10 Download : scriptsringsworldcom/organizers/ppimzip By Stack Poc 1: change password for change password go to this link localhost/ppim/changepasswordphp writhe your password and confirm it Poc 2 : upload localhost/ppim/uploadphp you can uplo ...

CWE-20 http://secunia.com/advisories/31424 http://www.securityfocus.com/bid/30627 http://securityreason.com/securityalert/4349 https://exchange.xforce.ibmcloud.com/vulnerabilities/44390 https://www.exploit-db.com/exploits/6231 https://nvd.nist.gov https://www.exploit-db.com/exploits/6215/

CVE-2008-4428

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect