CVE-2005-1047 — Group Phpbb vulnerability

2 documents2 sources

Severity

7.5HIGHNVD

EPSS

1.0%

top 23.18%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Phpbb Group Phpbb

Timeline

PublishedApr 7

Latest updateMay 1

Description

Meilad File upload script (up.php) mod for phpBB 2.0.x does not properly limit the types of files that can be uploaded, which allows remote authenticated users to execute arbitrary commands by uploading PHP files, then directly requesting them from the uploads directory.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

▶NVDphpbb_group/phpbb24 versions+23

🔴Vulnerability Details

GHSA

GHSA-x3m5-5cvx-pm7x: Meilad File upload script (up↗2022-05-01

▶