CVE-2008-6207

Published: Feb 20, 2009Modified: Apr 23, 2026

8.5

Vector

AV:N/AC:M/Au:S/C:C/I:C/A:C

Exploitability: 6.8 / Impact: 10.0

Source: NVD

Description

Unrestricted file upload vulnerability in form_upload.php in PHPG Upload 1.0 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Affected (1)

Products: Phpg Upload: Phpg Upload

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Phpg Upload Phpg Upload	Version 1.0

Related CWEs

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (4)

http://www.securityfocus.com/bid/28955

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/42119

Source: cve@mitre.org

http://www.securityfocus.com/bid/28955

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/42119

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.