Vulnerabilities > CVE-2007-1032 - Unspecified vulnerability in PHPmyfaq
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN phpmyfaq
nessus
Summary
Unspecified vulnerability in phpMyFAQ 1.6.9 and earlier, when register_globals is enabled, allows remote attackers to "gain the privilege for uploading files on the server."
Vulnerable Configurations
Nessus
| NASL family | CGI abuses |
| NASL id | PHPMYFAQ_1_610.NASL |
| description | The installation of phpMyFAQ on the remote host allows for bypassing authentication or escalating privileges via the |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 24672 |
| published | 2007-02-20 |
| reporter | This script is Copyright (C) 2007-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/24672 |
| title | phpMyFAQ < 1.6.10 Multiple Script Arbitrary File Upload |
References
- http://osvdb.org/32603
- http://osvdb.org/32603
- http://secunia.com/advisories/24230
- http://secunia.com/advisories/24230
- http://www.phpmyfaq.de/advisory_2007-02-18.php
- http://www.phpmyfaq.de/advisory_2007-02-18.php
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32573
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32573