Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 10/08/2009 Updated: 29/09/2017

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

VMScore: 685

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Unrestricted file upload vulnerability in admin/galeria.php in ThePortal2 2.2 allows remote malicious users to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a direct request to the file in galeria/.

Vulnerable Product	Search on Vulmon	Subscribe to Product
theportal2.pl theportal2 2.2

[ web apps] theportal2 v22 (Auth bypass) file upload -------------------- Author: siurek22 -------------------- You need curl to run it -------------------- Code: -------------------- uploadphp <?php $file=$_POST['url']; $fel=explode("\n", $file); $ile=count($fel); if(empty($file)) { echo'<br><br><br> ...

CWE-264 http://www.securityfocus.com/bid/33057 http://osvdb.org/51143 http://secunia.com/advisories/33321 https://exchange.xforce.ibmcloud.com/vulnerabilities/47649 https://www.exploit-db.com/exploits/7620 https://nvd.nist.gov https://www.exploit-db.com/exploits/7620/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2008-6918

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect