Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2005-2781

Опубликовано: 02 сент. 2005
Источник: ubuntu
Приоритет: medium
CVSS2: 7.5

Описание

The Avatar upload feature in FUD Forum before 2.7.0 does not properly verify uploaded files, which allows remote attackers to execute arbitrary PHP code via a file with a .php extension that contains image data followed by PHP code.

РелизСтатусПримечание
dapper

released

1.0.0.009.dfsg-3-4
devel

released

1.0.0.009.dfsg-3-4
edgy

released

1.0.0.009.dfsg-3-4
feisty

released

1.0.0.009.dfsg-3-4
upstream

needs-triage

Показывать по

РелизСтатусПримечание
dapper

released

0.9.16.010-1
devel

released

0.9.16.010-1
edgy

released

0.9.16.010-1
feisty

released

0.9.16.010-1
upstream

needs-triage

Показывать по

Ссылки на источники

7.5 High

CVSS2

Связанные уязвимости

nvd логотип

CVE-2005-2781

nvd
около 20 лет назад

The Avatar upload feature in FUD Forum before 2.7.0 does not properly verify uploaded files, which allows remote attackers to execute arbitrary PHP code via a file with a .php extension that contains image data followed by PHP code.

debian логотип

CVE-2005-2781

debian
около 20 лет назад

The Avatar upload feature in FUD Forum before 2.7.0 does not properly ...

github логотип

GHSA-m2hw-cx9w-5jj2

github
больше 3 лет назад

The Avatar upload feature in FUD Forum before 2.7.0 does not properly verify uploaded files, which allows remote attackers to execute arbitrary PHP code via a file with a .php extension that contains image data followed by PHP code.

7.5 High

CVSS2