Xoops Custom Avatar Remote Arbitrary PHP File Upload Vulnerability

Bugtraq ID: 12754
Class: Input Validation Error
CVE:
Remote: Yes
Local: No
Published: Mar 08 2005 12:00AM
Updated: Mar 08 2005 12:00AM
Credit: Discovery of this vulnerability is credited to pokley <pokleyzz@scan-associates.net>.
Vulnerable: Xoops Xoops 2.0.9 .2
Xoops Xoops 2.0.5 .2
Xoops Xoops 2.0.5 .1
Xoops Xoops 2.0.5
Xoops Xoops 2.0.3
Xoops Xoops 2.0.2
Xoops Xoops 2.0.1
Xoops Xoops 2.0
Xoops Xoops 1.3.10
Xoops Xoops 1.3.9
Xoops Xoops 1.3.8
Xoops Xoops 1.3.7
Xoops Xoops 1.3.6
Xoops Xoops 1.3.5
Xoops Xoops 1.0 RC1
Xoops Xoops 1.0 RC3.0.5
Xoops Xoops 1.0 RC3
Not Vulnerable: Xoops Xoops 2.0.9 .3


 

Privacy Statement
Copyright 2010, SecurityFocus