Vulnerabilities > CVE-2007-0871 - Unspecified vulnerability in Extremepow Extreme File Hosting
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN extremepow
exploit available
Summary
Unrestricted file upload vulnerability in eXtremePow eXtreme File Hosting allows remote attackers to upload arbitrary PHP code via a filename with a double extension such as (1) .rar.php or (2) .zip.php.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | eXtreme File Hosting Arbitrary RAR File Upload Vulnerability. CVE-2007-0871. Webapps exploit for php platform |
| id | EDB-ID:29574 |
| last seen | 2016-02-03 |
| modified | 2007-02-09 |
| published | 2007-02-09 |
| reporter | hamed bazargani |
| source | https://www.exploit-db.com/download/29574/ |
| title | eXtreme File Hosting Arbitrary RAR File Upload Vulnerability |
References
- http://osvdb.org/33181
- http://osvdb.org/33181
- http://secunia.com/advisories/24088
- http://secunia.com/advisories/24088
- http://securityreason.com/securityalert/2231
- http://securityreason.com/securityalert/2231
- http://www.securityfocus.com/archive/1/459562/100/0/threaded
- http://www.securityfocus.com/archive/1/459562/100/0/threaded
- http://www.securityfocus.com/bid/22498
- http://www.securityfocus.com/bid/22498
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32435
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32435