Security Advisory

CVE-2007-3429

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2007-06-27 00:00:00

Last updated 2024-08-07 14:14:13

Assigner mitre

State PUBLISHED

Description

Unrestricted file upload vulnerability in signup.php in e107 0.7.8 and earlier, when photograph upload is enabled, allows remote attackers to upload and execute arbitrary PHP code via a filename with a double extension such as .php.jpg.

← Browse all CVEs View on cve.org ↗