Vulnerabilities > CVE-2007-0871 - Unspecified vulnerability in Extremepow Extreme File Hosting

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
extremepow
exploit available
NVD
Published: 2007-02-12
Updated: 2018-10-16

Summary

Unrestricted file upload vulnerability in eXtremePow eXtreme File Hosting allows remote attackers to upload arbitrary PHP code via a filename with a double extension such as (1) .rar.php or (2) .zip.php.

Vulnerable Configurations

Part Description Count
Application
Extremepow
1

Exploit-Db

descriptioneXtreme File Hosting Arbitrary RAR File Upload Vulnerability. CVE-2007-0871. Webapps exploit for php platform
idEDB-ID:29574
last seen2016-02-03
modified2007-02-09
published2007-02-09
reporterhamed bazargani
sourcehttps://www.exploit-db.com/download/29574/
titleeXtreme File Hosting Arbitrary RAR File Upload Vulnerability

References