|
|
CVE Reference: CVE-2005-2781 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2005-2781 |
|
|
Description: The Avatar upload feature in FUD Forum before 2.7.0 does not properly verify uploaded files, which allows remote attackers to execute arbitrary PHP code via a file with a .php extension that contains image data followed by PHP code. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/22076 SAID Secunia Advisory: SA16627 Secunia Advisory: SA20203 DEBIAN http://www.debian.org/security/2006/dsa-1063 CONFIRM http://fudforum.org/forum/index.php?t=msg&th=5470&start=0& BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/500406/100/0/threaded http://marc.theaimsgroup.com/?l=bugtraq&m=112534235403406&w=2 BID 14678 |
|
| Return to the previous page. |
