Vulnerabilities > CVE-2007-1255 - SQL-Injection vulnerability in Connectix Boards

047910
CVSS 6.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
SINGLE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
connectix
exploit available
NVD
Published: 2007-03-03
Updated: 2018-10-16

Summary

Unrestricted file upload vulnerability in admin.bbcode.php in Connectix Boards 0.7 and earlier allows remote authenticated administrators to execute arbitrary PHP code by uploading a crafted GIF smiley image with a .php extension via the uploadimage parameter to admin.php, which can be later accessed via a direct request for the file in smileys/. NOTE: this can be leveraged with a separate SQL injection issue for remote unauthenticated attacks.

Vulnerable Configurations

Part Description Count
Application
Connectix
14

Exploit-Db

descriptionConnectix Boards <= 0.7 (p_skin) Multiple Vulnerabilities Exploit. CVE-2007-1254,CVE-2007-1255. Webapps exploit for php platform
fileexploits/php/webapps/3352.php
idEDB-ID:3352
last seen2016-01-31
modified2007-02-21
platformphp
port
published2007-02-21
reporterDarkFig
sourcehttps://www.exploit-db.com/download/3352/
titleConnectix Boards <= 0.7 p_skin Multiple Vulnerabilities Exploit
typewebapps

References