Vulnerabilities > CVE-2007-3199 - Unspecified vulnerability in American Financing Link Request Contact Form 3.4
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Unrestricted file upload vulnerability in Link Request Contact Form 3.4 allows remote attackers to execute arbitrary PHP code by uploading a file with a .php extension and an image content type, as demonstrated by image/jpeg.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | Link Request Contact Form 3.4 Remote Code Execution Vulnerability. CVE-2007-3199. Webapps exploit for php platform |
file | exploits/php/webapps/4059.txt |
id | EDB-ID:4059 |
last seen | 2016-01-31 |
modified | 2007-06-11 |
platform | php |
port | |
published | 2007-06-11 |
reporter | CorryL |
source | https://www.exploit-db.com/download/4059/ |
title | Link Request Contact Form 3.4 - Remote Code Execution Vulnerability |
type | webapps |
References
- http://corryl.altervista.org/index.php?mod=Download/Exploit#exploit-LRCF-v3.4.rar
- http://osvdb.org/37204
- http://secunia.com/advisories/25614
- http://www.securityfocus.com/bid/24408
- http://www.vupen.com/english/advisories/2007/2143
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34801
- https://www.exploit-db.com/exploits/4059