CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2007-1139

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1280%
EPSS Percentile24.16th
Published2007年3月2日
Last Modified2026年4月23日

Vulnerability Description

Unrestricted file upload vulnerability in Cromosoft Simple Plantilla PHP (SPP) allows remote attackers to upload arbitrary scripts via a filename with a double extension.

Affected Platforms (CPE)

📦
Cromosoft

Simple Plantilla Php

All versions

References & Advisories

🔗 http://osvdb.org/33139
🔗 http://securityreason.com/securityalert/2332
🔗 http://www.securityfocus.com/archive/1/460913/100/0/threaded
🔗 http://www.securityfocus.com/bid/22669
🔗 http://osvdb.org/33139
🔗 http://securityreason.com/securityalert/2332
🔗 http://www.securityfocus.com/archive/1/460913/100/0/threaded
🔗 http://www.securityfocus.com/bid/22669

相關漏洞威脅

CVE-2007-11385.0

Absolute path traversal vulnerability in list_main_pages.php in Cromosoft Simple Plantilla PHP (SPP) allows remote attackers to li...

CVE-2007-049610.0

PHP remote file inclusion vulnerability in lib/nl/nl.php in Neon Labs Website (nlws) 3.2 and earlier allows remote attackers to ex...

CVE-2007-350010.0

Xeweb XEForum allows remote attackers to gain privileges via a modified xeforum cookie.

CVE-2007-195910.0

Unspecified vulnerability in the process_cmdent function in command.cpp in TinyMUX before 2.4 has unknown impact and attack vector...