CVE-2007-5156

Severity

68%

Complexity

86%

Confidentiality

106%

Per: http://cwe.mitre.org/data/definitions/184.html 'CWE-184: Incomplete Blacklist'

Incomplete blacklist vulnerability in editor/filemanager/upload/php/upload.php in FCKeditor, as used in SiteX CMS 0.7.3.beta, La-Nai CMS, Syntax CMS, Cardinal Cms, and probably other products, allows remote attackers to upload and execute arbitrary PHP code via a file whose name contains ".php." and has an unknown extension, which is recognized as a .php file by the Apache HTTP server, a different vulnerability than CVE-2006-0658 and CVE-2006-2529.

Per: http://cwe.mitre.org/data/definitions/184.html 'CWE-184: Incomplete Blacklist'

CVSS 2.0 Base Score 6.8. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:P).

Overview

First reported 17 years ago

2007-10-01 05:17:00

Last updated 6 years ago

2018-10-15 21:40:00

Affected Software

Apache Software Foundation Apache HTTP Server

References

http://dev.fckeditor.net/changeset/973

http://dev.fckeditor.net/ticket/1325

http://downloads.securityfocus.com/vulnerabilities/exploits/30677.php

27123

Vendor Advisory

27174

Vendor Advisory

3182

http://sourceforge.net/forum/forum.php?forum_id=743930

http://sourceforge.net/project/shownotes.php?release_id=546000

20070927 [waraxe-2007-SA#057] - Unauthorized File Upload in SiteX CMS

29422

30677

ADV-2007-3464

Vendor Advisory

ADV-2007-3465

Vendor Advisory

http://www.waraxe.us/advisory-57.html

lanai-upload-file-upload(42425)

syntaxcms-upload-file-upload(42733)

cardinal-upload-file-upload(44455)

5618

5688

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.