CVE-2007-2024

NameCVE-2007-2024
DescriptionUnrestricted file upload vulnerability in the UpLoad feature (lib/plugin/UpLoad.php) in PhpWiki 1.3.x allows remote attackers to upload arbitrary PHP files with a (1) php3, (2) php4, or (3) php5 extension.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, GitHub code/issues, web search, more)
ReferencesDSA-1371-1
NVD severitymedium (attack range: remote)
Debian Bugs441390

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
phpwikisource(unstable)1.3.12p3-6.1medium441390
phpwikisourceetch1.3.12p3-5etch1mediumDSA-1371-1

Search for package or bug name: Reporting problems