Back to search
CVE-2006-0169
Published: Jan 11, 2006
Modified: Aug 7, 2024
PUBLISHED
Description
addresses.php3 in MyPhPim 01.05 does not restrict uploaded files, which allows remote attackers to execute arbitrary PHP code via the pdbfile variable, then directly accessing those files from the uploads directory.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://evuln.com/vulns/23/summary.html
x_refsource_MISC
16208
vdb-entry
x_refsource_BID
18399
third-party-advisory
x_refsource_SECUNIA
20060111 [eVuln] MyPhPim Arbitrary File Upload
mailing-list
x_refsource_BUGTRAQ
myphpim-addresses-file-upload(24070)
vdb-entry
x_refsource_XF
ADV-2006-0147
vdb-entry
x_refsource_VUPEN
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now