FUDforum Avatar Upload Arbitrary Script Upload Vulnerability

Bugtraq ID: 14678
Class: Input Validation Error
CVE: CVE-2005-2781
Remote: Yes
Local: No
Published: Aug 29 2005 12:00AM
Updated: May 25 2009 07:20PM
Credit: Discovery is credited to <riklaunim@gmail.com>.
Vulnerable: PHPGroupWare PHPGroupWare 0.9.16 .000
PHPGroupWare PHPGroupWare 0.9.14
Ilia Alshanetsky FUDForum 2.7
Ilia Alshanetsky FUDForum 2.6.15
Ilia Alshanetsky FUDForum 2.6.14
Ilia Alshanetsky FUDForum 2.6.13
Ilia Alshanetsky FUDForum 2.6.12
Ilia Alshanetsky FUDForum 2.6.10
Ilia Alshanetsky FUDForum 2.6.9
Ilia Alshanetsky FUDForum 2.6.8
Ilia Alshanetsky FUDForum 2.6.7
Ilia Alshanetsky FUDForum 2.6.5
Ilia Alshanetsky FUDForum 2.6.4
Ilia Alshanetsky FUDForum 2.6.3
Ilia Alshanetsky FUDForum 2.6.2
Ilia Alshanetsky FUDForum 2.6.1
Ilia Alshanetsky FUDForum 2.6
Debian Linux 3.1 sparc
Debian Linux 3.1 s/390
Debian Linux 3.1 ppc
Debian Linux 3.1 mipsel
Debian Linux 3.1 mips
Debian Linux 3.1 m68k
Debian Linux 3.1 ia-64
Debian Linux 3.1 ia-32
Debian Linux 3.1 hppa
Debian Linux 3.1 arm
Debian Linux 3.1 amd64
Debian Linux 3.1 alpha
Debian Linux 3.1
Debian Linux 3.0 sparc
Debian Linux 3.0 s/390
Debian Linux 3.0 ppc
Debian Linux 3.0 mipsel
Debian Linux 3.0 mips
Debian Linux 3.0 m68k
Debian Linux 3.0 ia-64
Debian Linux 3.0 ia-32
Debian Linux 3.0 hppa
Debian Linux 3.0 arm
Debian Linux 3.0 alpha
Debian Linux 3.0
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus