Vulnerabilities > CVE-2007-0370 - SQL-Injection vulnerability in PHPbp Rc32.204
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Unrestricted file upload vulnerability in index.php in phpBP RC3 (2.204) and earlier allows remote administrators to inject arbitrary PHP code into an upload/banners/ file via a banners add operation that uploads the PHP code through an image_form parameter specifying a multiple-extension filename such as .jpg.vil.gif.php, which is stored in upload/banners/ under a different name, and executable via a direct request. NOTE: a separate SQL injection issue could be leveraged to make this vulnerability reachable by remote unauthenticated attackers.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | phpBP <= RC3 (2.204) (sql/cmd) Remote Code Execution Exploit. CVE-2007-0369,CVE-2007-0370. Webapps exploit for php platform |
| file | exploits/php/webapps/3153.php |
| id | EDB-ID:3153 |
| last seen | 2016-01-31 |
| modified | 2007-01-18 |
| platform | php |
| port | |
| published | 2007-01-18 |
| reporter | Kacper |
| source | https://www.exploit-db.com/download/3153/ |
| title | phpBP <= RC3 2.204 sql/cmd Remote Code Execution Exploit |
| type | webapps |