Vulnerabilities > CVE-2007-0082 - Unspecified vulnerability in Imgallery 2.4/2.5
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN imgallery
exploit available
Summary
users_adm/start1.php in IMGallery 2.5 and earlier does not properly handle files with multiple extensions, which allows remote authenticated users to upload and execute arbitrary PHP scripts.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
Exploit-Db
| description | IMGallery <= 2.5 Create Uploader Script Exploit. CVE-2007-0082. Webapps exploit for php platform |
| file | exploits/php/webapps/3049.php |
| id | EDB-ID:3049 |
| last seen | 2016-01-31 |
| modified | 2006-12-30 |
| platform | php |
| port | |
| published | 2006-12-30 |
| reporter | Kacper |
| source | https://www.exploit-db.com/download/3049/ |
| title | IMGallery <= 2.5 Create Uploader Script Exploit |
| type | webapps |
References
- http://www.securityfocus.com/bid/21827
- http://www.vupen.com/english/advisories/2007/0010
- https://exchange.xforce.ibmcloud.com/vulnerabilities/31237
- https://www.exploit-db.com/exploits/3049
- http://www.securityfocus.com/bid/21827
- https://www.exploit-db.com/exploits/3049
- https://exchange.xforce.ibmcloud.com/vulnerabilities/31237
- http://www.vupen.com/english/advisories/2007/0010