CVE-2007-6479

NONE

Unrestricted file upload vulnerability in the "My productions" component for main/auth/profile.php (aka the "My profile" page) in Dokeos 1.8.4 allows remote authenticated users to upload and execute a

公開日: 12/20/2007更新日: 4/9/2025
NVDで表示MITREで表示

説明

Unrestricted file upload vulnerability in the "My productions" component for main/auth/profile.php (aka the "My profile" page) in Dokeos 1.8.4 allows remote authenticated users to upload and execute arbitrary PHP files via a filename with a double extension, which can then be accessed through a URI under main/upload/users/.

AI分析AIによる分析

影響を受ける製品

dokeosdokeos
1.8.4

利用可能なエクスプロイト (1)

参照