Unspecified vulnerability in the XOOPS uploader class in Xoops 2.0.17.1-RC1 and earlier allows remote attackers to upload arbitrary files via unspecified vectors related to improper upload configuration settings in class/uploader.php and class/mimetypes.inc.php, possibly an incomplete blacklist that omits the .php4 extension.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2007-10-03T14:00:00
Updated: 2007-10-06T09:00:00
Reserved: 2007-10-03T00:00:00
Link: CVE-2007-5188
JSON object: View
NVD Information
Status : Modified
Published: 2007-10-03T14:17:00.000
Modified: 2011-03-08T03:00:16.703
Link: CVE-2007-5188
JSON object: View
Redhat Information
No data.
CWE