Vulnerability CVE-2006-2330


Published: 2006-05-11   Modified: 2012-02-12

Description:
PHP-Fusion 6.00.306 and earlier, running under Apache HTTP Server 1.3.27 and PHP 4.3.3, allows remote authenticated users to upload files of arbitrary types using a filename that contains two or more extensions and ends in an assumed-valid extension such as .gif, which bypasses the validation, as demonstrated by uploading and then executing an avatar file that ends in ".php.gif" and contains PHP code in EXIF metadata.
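The bypass works because the application checks only the text after the last dot while Apache's mod_mime evaluates every extension in a name, so a file stored as ".php.gif" is still handed to the PHP handler. The following Python is an added defensive illustration, not code from the page or from PHP-Fusion; the allow-list of extensions, the function names, and the sample byte strings are assumptions constructed for the example. It places the weak last-extension check beside a hardened version that accepts only a single extension and never lets the user-supplied name reach the filesystem.

```python
import re
import secrets
from typing import Optional

# Allow-list of avatar image extensions (assumed for this example; PHP-Fusion's
# own list is not on the page).
ALLOWED_EXTENSIONS = {"gif", "jpg", "jpeg", "png"}

# Leading bytes of the formats we accept, used as a second check on the content.
MAGIC_PREFIXES = {
    "gif": (b"GIF87a", b"GIF89a"),
    "jpg": (b"\xff\xd8\xff",),
    "jpeg": (b"\xff\xd8\xff",),
    "png": (b"\x89PNG\r\n\x1a\n",),
}

# Constructed sample uploads: a minimal GIF header and a non-image blob.
SAMPLE_GIF = b"GIF89a" + b"\x01\x00\x01\x00" + b"\x00" * 8
SAMPLE_TEXT = b"this is not an image"


def weak_check(filename: str) -> bool:
    """The pattern the CVE describes: only the text after the last dot is
    inspected, so 'avatar.php.gif' is accepted.  Apache's mod_mime, however,
    evaluates every extension in the name, so the '.php' part still selects
    the PHP handler when the stored file is requested."""
    if "." not in filename:
        return False
    return filename.rsplit(".", 1)[1].lower() in ALLOWED_EXTENSIONS


# One base name, exactly one dot, one short extension; nothing else.
_SAFE_NAME = re.compile(r"^[A-Za-z0-9_-]{1,64}\.([A-Za-z0-9]{1,5})$")


def strict_check(filename: str) -> bool:
    """Hardened check: no path separators, a single extension, and that
    extension on the allow-list.  Multi-extension names never pass."""
    if "/" in filename or "\\" in filename:
        return False
    m = _SAFE_NAME.match(filename)
    return m is not None and m.group(1).lower() in ALLOWED_EXTENSIONS


def content_matches_extension(data: bytes, ext: str) -> bool:
    """Confirm the leading bytes match the claimed image format."""
    return any(data.startswith(p) for p in MAGIC_PREFIXES.get(ext.lower(), ()))


def stored_name_for(filename: str, data: bytes) -> Optional[str]:
    """Decide whether to accept an upload and, if so, under which name.

    The user-supplied name never reaches the filesystem: only its validated
    extension is kept, attached to a random server-chosen base name.  Returns
    None when the upload is rejected."""
    if not strict_check(filename):
        return None
    ext = filename.rsplit(".", 1)[1].lower()
    if not content_matches_extension(data, ext):
        return None
    return f"{secrets.token_hex(8)}.{ext}"


if __name__ == "__main__":
    for name in ("avatar.gif", "avatar.php.gif", "avatar.GIF", "../avatar.gif"):
        print(f"{name:16} weak={weak_check(name)!s:5} strict={strict_check(name)!s:5} "
              f"stored={stored_name_for(name, SAMPLE_GIF)}")
```

The magic-byte check is a secondary control: it does not help against the EXIF case in the description, where the upload is a valid image whose metadata carries the code. What closes the issue is the combination of a single-extension, server-chosen filename and an upload directory that no script handler applies to; on Apache, mapping PHP with a `<FilesMatch "\.php$">` block anchored on the final extension, rather than `AddHandler` or `AddType` (which mod_mime matches against any extension in the name), removes the handler selection that the double extension relies on.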

See advisories in our WLB2 database:
Risk: Med.
Topic: PHPFusion <= v6.00.306 avatar mod_mime arbitrary file upload & local inclusion vulnerabilities
Author: rgod
Date: 12.05.2006

Type:

CWE-Other

CVSS2 => (AV:N/AC:L/Au:N/C:P/I:P/A:N)

CVSS Base Score: 6.4/10
Impact Subscore: 4.9/10
Exploitability Subscore: 10/10
Exploit range: Remote
Attack complexity: Low
Authentication: Not required
Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: None

Affected software: Php fusion -> Php fusion

References:
http://securityreason.com/securityalert/873
http://www.php-fusion.co.uk/news.php
http://www.securityfocus.com/archive/1/433277/100/0/threaded
http://www.securityfocus.com/bid/17898
http://www.vupen.com/english/advisories/2006/1735
https://exchange.xforce.ibmcloud.com/vulnerabilities/26388

Copyright 2024, cxsecurity.com
