Описание
UploadFile.php in MoniWiki 1.0.9.2 and earlier, when used with Apache mod_mime, does not properly handle files with two file extensions, such as .php.hwp, which allows remote attackers to upload and execute arbitrary code.
UploadFile.php in MoniWiki 1.0.9.2 and earlier, when used with Apache mod_mime, does not properly handle files with two file extensions, such as .php.hwp, which allows remote attackers to upload and execute arbitrary code.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2004-1545
- https://exchange.xforce.ibmcloud.com/vulnerabilities/18493
- http://archives.neohapsis.com/archives/fulldisclosure/2004-12/0448.html
- http://kldp.net/scm/cvsweb.php/moniwiki/plugin/UploadFile.php.diff?cvsroot=moniwiki&only_with_tag=HEAD&r1=text&tr1=1.17&r2=text&tr2=1.16&f=h
- http://marc.info/?l=bugtraq&m=110314544711884&w=2
- http://secunia.com/advisories/13478
- http://www.securityfocus.com/bid/11951
EPSS
Процентиль: 82%
0.01796
Низкий
CVE ID
Связанные уязвимости
nvd
больше 20 лет назад
UploadFile.php in MoniWiki 1.0.9.2 and earlier, when used with Apache mod_mime, does not properly handle files with two file extensions, such as .php.hwp, which allows remote attackers to upload and execute arbitrary code.
debian
больше 20 лет назад
UploadFile.php in MoniWiki 1.0.9.2 and earlier, when used with Apache ...
EPSS
Процентиль: 82%
0.01796
Низкий