Описание
index.php in Eduha Meeting does not properly restrict file extensions before permitting a file upload, which allows remote attackers to bypass security checks and upload or execute arbitrary php code via the add action.
index.php in Eduha Meeting does not properly restrict file extensions before permitting a file upload, which allows remote attackers to bypass security checks and upload or execute arbitrary php code via the add action.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2006-3158
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27296
- http://secunia.com/advisories/20731
- http://www.biyosecurity.be/bugs/meeting.txt
- http://www.osvdb.org/26627
- http://www.securityfocus.com/archive/1/437992/100/0/threaded
- http://www.securityfocus.com/bid/18499
- http://www.vupen.com/english/advisories/2006/2428
EPSS
Процентиль: 90%
0.05202
Низкий
CVE ID
Связанные уязвимости
nvd
больше 19 лет назад
index.php in Eduha Meeting does not properly restrict file extensions before permitting a file upload, which allows remote attackers to bypass security checks and upload or execute arbitrary php code via the add action.
EPSS
Процентиль: 90%
0.05202
Низкий