Security Advisory

CVE-2007-1639

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2007-03-23 23:00:00

Last updated 2024-08-07 13:06:25

Assigner mitre

State PUBLISHED

Description

Unrestricted file upload vulnerability in PHProjekt 5.2.0, when magic_quotes_gpc is disabled, allows remote authenticated users to upload and execute arbitrary PHP code via a file with an executable extension, which is then accessed by the (1) calendar or (2) file management module, or possibly unspecified other files.

← Browse all CVEs View on cve.org ↗