CVE Vulnerabilities

CVE-2005-2614

Published: Aug 17, 2005 | Modified: Sep 05, 2008
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Discuz! 4.0 rc4 does not properly restrict types of files that are uploaded to the server, which allows remote attackers to execute arbitrary commands via a filename containing .php.rar or other multiple extensions that include .php.

Affected Software

Name Vendor Start Version End Version
Discuz Crosscom_olicom * 4.0_rc4

References