CVE

CVE-2007-5156

Date: (C)2007-10-01   (M)2023-12-22

Incomplete blacklist vulnerability in editor/filemanager/upload/php/upload.php in FCKeditor, as used in SiteX CMS 0.7.3.beta, La-Nai CMS, Syntax CMS, Cardinal Cms, and probably other products, allows remote attackers to upload and execute arbitrary PHP code via a file whose name contains ".php." and has an unknown extension, which is recognized as a .php file by the Apache HTTP server, a different vulnerability than CVE-2006-0658 and CVE-2006-2529.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.5
Exploit Score: 10.0
Impact Score: 6.4
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL

Reference:

http://www.securityfocus.com/archive/1/480830/100/0/threaded

SECUNIA-27123

SECUNIA-27174

BID-29422

BID-30677

SREASON-3182

EXPLOIT-DB-5618

EXPLOIT-DB-5688

ADV-2007-3464

ADV-2007-3465

cardinal-upload-file-upload(44455)

http://dev.fckeditor.net/changeset/973

http://dev.fckeditor.net/ticket/1325

http://downloads.securityfocus.com/vulnerabilities/exploits/30677.php

http://sourceforge.net/forum/forum.php?forum_id=743930

http://sourceforge.net/project/shownotes.php?release_id=546000

http://www.waraxe.us/advisory-57.html

lanai-upload-file-upload(42425)

syntaxcms-upload-file-upload(42733)