Vulnerabilities > Uber Uploader

DATE	CVE	VULNERABILITY TITLE	RISK
2008-01-08	CVE-2007-6676	Configuration vulnerability in Uber Uploader Uber Uploader The default configuration of Uber Uploader (UU) 5.3.6 and earlier does not block uploads of (1) .html, (2) .asp, and other possibly dangerous extensions, which allows remote attackers to use these extensions in uploads via (a) uu_file_upload.php, related to uu_file_upload.js and (b) uber_uploader_file.php, related to uber_uploader_file.js, a different issue than CVE-2007-0123. network low complexity uber-uploader CWE-16	5.0
2007-01-09	CVE-2007-0123	File-Upload vulnerability in Uber Uploader Uber Uploader 4.2 Unrestricted file upload vulnerability in Uber Uploader 4.2 allows remote attackers to upload and execute arbitrary PHP scripts by naming them with a .phtml extension, which bypasses the .php extension check but is still executable on some server configurations. network uber-uploader	6.8

Vulnerabilities > Uber Uploader {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Uber Uploader"}]}