Vulnerability Details CVE-2007-0082
users_adm/start1.php in IMGallery 2.5 and earlier does not properly handle files with multiple extensions, which allows remote authenticated users to upload and execute arbitrary PHP scripts.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.028
EPSS Ranking 85.5%
CVSS Severity
CVSS v2 Score 6.5
References
- http://www.securityfocus.com/bid/21827
- http://www.vupen.com/english/advisories/2007/0010
- https://exchange.xforce.ibmcloud.com/vulnerabilities/31237
- https://www.exploit-db.com/exploits/3049
- http://www.securityfocus.com/bid/21827
- http://www.vupen.com/english/advisories/2007/0010
- https://exchange.xforce.ibmcloud.com/vulnerabilities/31237
- https://www.exploit-db.com/exploits/3049