Vulnerabilities > CVE-2007-1032 - Remote Security vulnerability in phpMyFAQ
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Unspecified vulnerability in phpMyFAQ 1.6.9 and earlier, when register_globals is enabled, allows remote attackers to "gain the privilege for uploading files on the server." Successful exploitation requires that "register_globals" is enabled.
Vulnerable Configurations
Nessus
NASL family | CGI abuses |
NASL id | PHPMYFAQ_1_610.NASL |
description | The installation of phpMyFAQ on the remote host allows for bypassing authentication or escalating privileges via the |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 24672 |
published | 2007-02-20 |
reporter | This script is Copyright (C) 2007-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/24672 |
title | phpMyFAQ < 1.6.10 Multiple Script Arbitrary File Upload |