Vulnerabilities > CVE-2005-0272 - Remote Security vulnerability in Photopost Reviewpost PHP PRO 1.0.2/2.5

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

photopost

exploit available

NVD

Published: 2005-05-02

Updated: 2017-07-11

Summary

ReviewPost PHP Pro before 2.84 allows remote attackers to upload and execute arbitrary PHP files by posting a review file with multiple extensions, which bypasses the intended restrictions.

Vulnerable Configurations

Part	Description	Count
Application	Photopost Photopost Reviewpost PHP PRO 1.0.2 Photopost Reviewpost PHP PRO 2.5 Photopost Reviewpost PHP PRO *	3

Exploit-Db

description	ReviewPost < 2.84 - Multiple Vulnerabilities. CVE-2005-0270,CVE-2005-0271,CVE-2005-0272. Webapps exploit for PHP platform
id	EDB-ID:43821
last seen	2018-01-24
modified	2015-01-02
published	2015-01-02
reporter	Exploit-DB
source	https://www.exploit-db.com/download/43821/
title	ReviewPost < 2.84 - Multiple Vulnerabilities

Summary

Vulnerable Configurations

Exploit-Db

References