CVE-2007-1235 - Vulnerability Details - OpenCVE

Unrestricted file upload vulnerability in sitex allows remote attackers to upload arbitrary PHP code via an avatar filename with a double extension such as .php.jpg, which fails verification and is saved as a .php file.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Bj Sintay	Sitex

Configuration 1 [-]

cpe:2.3:a:bj_sintay:sitex:0.7.3:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://osvdb.org/33157
http://securityreason.com/securityalert/2373
http://www.securityfocus.com/archive/1/461305/100/0/threaded

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-03-03T19:00:00

Updated: 2024-08-07T12:50:35.187Z

Reserved: 2007-03-03T00:00:00

Link: CVE-2007-1235

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2007-03-03T19:19:00.000

Modified: 2025-04-09T00:30:58.490

Link: CVE-2007-1235

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-02-23T00:00:00", "descriptions": [{"lang": "en", "value": "Unrestricted file upload vulnerability in sitex allows remote attackers to upload arbitrary PHP code via an avatar filename with a double extension such as .php.jpg, which fails verification and is saved as a .php file."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-16T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20070223 sitex multiple vulnerabilities", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/461305/100/0/threaded"}, {"name": "33157", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/33157"}, {"name": "2373", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/2373"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-1235", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unrestricted file upload vulnerability in sitex allows remote attackers to upload arbitrary PHP code via an avatar filename with a double extension such as .php.jpg, which fails verification and is saved as a .php file."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20070223 sitex multiple vulnerabilities", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/461305/100/0/threaded"}, {"name": "33157", "refsource": "OSVDB", "url": "http://osvdb.org/33157"}, {"name": "2373", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/2373"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T12:50:35.187Z"}, "title": "CVE Program Container", "references": [{"name": "20070223 sitex multiple vulnerabilities", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/461305/100/0/threaded"}, {"name": "33157", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/33157"}, {"name": "2373", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/2373"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-1235", "datePublished": "2007-03-03T19:00:00", "dateReserved": "2007-03-03T00:00:00", "dateUpdated": "2024-08-07T12:50:35.187Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:bj_sintay:sitex:0.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "84D38B3D-2CE8-4E57-8391-7F3AE2706F96", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Unrestricted file upload vulnerability in sitex allows remote attackers to upload arbitrary PHP code via an avatar filename with a double extension such as .php.jpg, which fails verification and is saved as a .php file."}, {"lang": "es", "value": "Vulnerabilidad de actualizaci\u00f3n de archivos no restringido en sitex permite a atacantes remotos actualizar c\u00f3digo PHP de su elecci\u00f3n a trav\u00e9s de un nombre de archivo avatar con una doble extensi\u00f3n como .php.jpg, con la cual falla la validaci\u00f3n y es guardado como un archivo .php."}], "id": "CVE-2007-1235", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-03-03T19:19:00.000", "references": [{"source": "cve@mitre.org", "url": "http://osvdb.org/33157"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://securityreason.com/securityalert/2373"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/461305/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/33157"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://securityreason.com/securityalert/2373"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/461305/100/0/threaded"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}