addresses.php3 in MyPhPim 01.05 does not restrict uploaded files, which allows remote attackers to execute arbitrary PHP code via the pdbfile variable, then directly accessing those files from the uploads directory.
References
Configurations
History
No history.
Information
Published : 2006-01-11 21:03
Updated : 2024-02-04 16:52
NVD link : CVE-2006-0169
Mitre link : CVE-2006-0169
CVE.ORG link : CVE-2006-0169
JSON object : View
Products Affected
myphpim
- myphpim
CWE