Vulnerabilities > CVE-2006-1208 - Unspecified vulnerability in Sergey Korostel PHP Upload Center
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Sergey Korostel PHP Upload Center allows remote attackers to execute arbitrary PHP code by uploading a file whose name ends in a .php.li extension, which can be accessed from the upload directory.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
References
- http://biyosecurity.be/bugs/phpuploadcenter2.txt
- http://www.blogcu.com/Liz0ziM/317250/
- http://www.scripts-by.net/PHP/File-Manipulation/php-upload-center.html
- http://www.osvdb.org/23626
- http://secunia.com/advisories/19107
- http://securityreason.com/securityalert/564
- http://www.vupen.com/english/advisories/2006/0817
- http://www.securityfocus.com/archive/1/427215/100/0/threaded