Description

ImageManager in e107 before 0.617 does not properly check the types of uploaded files, which allows remote attackers to execute arbitrary code by uploading a PHP file via the upload parameter to images.php.

Remediation

References

CVE-2004-2262

Related Vulnerabilities

WordPress Plugin WP-Print Cross-Site Request Forgery (2.51)

PHP Other Vulnerability (CVE-2004-1065)

WordPress Plugin Images Slideshow by 2J-Image Slider Security Bypass (1.3.31)

MySQL CVE-2018-2782 Vulnerability (CVE-2018-2782)

Joomla! Core 2.5.x SQL Injection (2.5.0 - 2.5.1)

Severity

Medium

Classification

CVE-2004-2262

Tags

Missing Update Known Vulnerabilities