Vulnerabilities > CVE-2007-3199 - Unspecified vulnerability in American Financing Link Request Contact Form 3.4

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
american-financing
exploit available
NVD
Published: 2007-06-12
Updated: 2017-10-11

Summary

Unrestricted file upload vulnerability in Link Request Contact Form 3.4 allows remote attackers to execute arbitrary PHP code by uploading a file with a .php extension and an image content type, as demonstrated by image/jpeg.

Vulnerable Configurations

Part Description Count
Application
American_Financing
1

Exploit-Db

descriptionLink Request Contact Form 3.4 Remote Code Execution Vulnerability. CVE-2007-3199. Webapps exploit for php platform
fileexploits/php/webapps/4059.txt
idEDB-ID:4059
last seen2016-01-31
modified2007-06-11
platformphp
port
published2007-06-11
reporterCorryL
sourcehttps://www.exploit-db.com/download/4059/
titleLink Request Contact Form 3.4 - Remote Code Execution Vulnerability
typewebapps

References