CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2007-3199

Unrestricted file upload vulnerability in Link Request Contact Form 3.4 allows remote attackers to execute arbitrary PHP code by uploading a file with a .php extension and an image content type, as demonstrated by image/jpeg.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.094

EPSS Ranking 92.5%

CVSS Severity

CVSS v2 Score 7.5

References

http://corryl.altervista.org/index.php?mod=Download/Exploit#exploit-LRCF-v3.4.rar
http://osvdb.org/37204
http://secunia.com/advisories/25614
http://www.securityfocus.com/bid/24408
http://www.vupen.com/english/advisories/2007/2143
https://exchange.xforce.ibmcloud.com/vulnerabilities/34801
https://www.exploit-db.com/exploits/4059
http://corryl.altervista.org/index.php?mod=Download/Exploit#exploit-LRCF-v3.4.rar
http://osvdb.org/37204
http://secunia.com/advisories/25614
http://www.securityfocus.com/bid/24408
http://www.vupen.com/english/advisories/2007/2143
https://exchange.xforce.ibmcloud.com/vulnerabilities/34801
https://www.exploit-db.com/exploits/4059

Products affected by CVE-2007-3199

American Financing » Link Request Contact Form » Version: 3.4

cpe:2.3:a:american_financing:link_request_contact_form:3.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2007-3199

Products

Pricing

Contact Us