← back
CVE-2008-3093

CVE-2008-3093

EPSS 2.2%
Unrestricted file upload vulnerability in ImperialBB 2.3.5 and earlier allows remote authenticated users to upload and execute arbitrary PHP code by placing a .php filename in the Upload_Avatar parameter and sending the image/gif content type.
Affected products
n/a · n/a
public PoCs found1
cve_referencewww.exploit-db.com/exploits/6008unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://phplizardo.breizh-web.net/blog/2008/07/05/advisory-1-imperialbbhttp://secunia.com/advisories/30939https://exchange.xforce.ibmcloud.com/vulnerabilities/43608https://www.exploit-db.com/exploits/6008http://www.securityfocus.com/bid/30100