Unrestricted File Upload in Zomplog by Zomplog
CVE-2007-5231

Currently unrated

Key Information:

Vendor: Zomplog
Status: Zomplog
Vendor: CVE Published:; 5 October 2007

What is CVE-2007-5231?

The vulnerability present in Zomplog versions 3.8.1 and earlier is an unrestricted file upload flaw located in the admin/upload_files.php script. This issue allows remote authenticated administrators to upload and execute unauthorized .php files by manipulating the MIME type during the upload process. Additionally, this vulnerability can be exploited by unauthenticated attackers if they take advantage of another related vulnerability, enhancing the risk of severe security breaches.

References

https://www.exploit-db.com/exploits/4466

exploitx_refsource_EXPLOIT-DB

http://www.securityfocus.com/bid/25861

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/36872

vdb-entryx_refsource_XF

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 5, 2007
Vulnerability Reserved
Oct 5, 2007

JSON