返回 CVE 浏览器

CVE-2007-1139

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.1280%

EPSS Percentile24.16th

Published2007年3月2日

Last Modified2026年4月23日

Vulnerability Description

Unrestricted file upload vulnerability in Cromosoft Simple Plantilla PHP (SPP) allows remote attackers to upload arbitrary scripts via a filename with a double extension.

Affected Platforms (CPE)

📦

Cromosoft

Simple Plantilla Php

All versions

References & Advisories

🔗 http://osvdb.org/33139

🔗 http://securityreason.com/securityalert/2332

🔗 http://www.securityfocus.com/archive/1/460913/100/0/threaded

🔗 http://www.securityfocus.com/bid/22669

🔗 http://osvdb.org/33139

🔗 http://securityreason.com/securityalert/2332

🔗 http://www.securityfocus.com/archive/1/460913/100/0/threaded

🔗 http://www.securityfocus.com/bid/22669

相关漏洞威胁

CVE-2007-11385.0

Absolute path traversal vulnerability in list_main_pages.php in Cromosoft Simple Plantilla PHP (SPP) allows remote attackers to li...

CVE-2007-350010.0

Xeweb XEForum allows remote attackers to gain privileges via a modified xeforum cookie.

CVE-2007-049610.0

PHP remote file inclusion vulnerability in lib/nl/nl.php in Neon Labs Website (nlws) 3.2 and earlier allows remote attackers to ex...

CVE-2007-182210.0

Alcatel-Lucent Lucent Technologies voice mail systems allow remote attackers to retrieve or remove messages, or reconfigure mailbo...