CVE-2007-2025
Published: 13 April 2007
Unrestricted file upload vulnerability in the UpLoad feature (lib/plugin/UpLoad.php) in PhpWiki 1.3.11p1 allows remote attackers to upload arbitrary PHP files with a double extension, as demonstrated by .php.3, which is interpreted by Apache as being a valid PHP file.
Priority
Status
| Package | Release | Status |
|---|---|---|
|
phpwiki Launchpad, Ubuntu, Debian |
dapper |
Ignored
(end of life)
|
| edgy |
Ignored
(end of life, was needed)
|
|
| feisty |
Ignored
(end of life, was needed)
|
|
| gutsy |
Released
(1.3.12p3-6.1)
|
|
| hardy |
Released
(1.3.12p3-6.1)
|
|
| intrepid |
Released
(1.3.12p3-6.1)
|
|
| jaunty |
Released
(1.3.12p3-6.1)
|
|
| karmic |
Released
(1.3.12p3-6.1)
|
|
| upstream |
Needs triage
|