Vulnerability Description
Unrestricted file upload vulnerability in uploadrequest.asp in Layton HelpBox 3.7.1 allows remote authenticated users to upload and execute arbitrary ASP files, related to not properly checking file extensions.
CVSS Score
6.5
MEDIUM
AV:N/AC:L/Au:S/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Layton Technology | Helpbox | 3.7.1 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/27699Vendor Advisory
- http://secunia.com/secunia_research/2007-94/advisory/Vendor Advisory
- http://www.securityfocus.com/bid/27187
- https://exchange.xforce.ibmcloud.com/vulnerabilities/39536
- http://secunia.com/advisories/27699Vendor Advisory
- http://secunia.com/secunia_research/2007-94/advisory/Vendor Advisory
- http://www.securityfocus.com/bid/27187
- https://exchange.xforce.ibmcloud.com/vulnerabilities/39536
FAQ
What is CVE-2007-5401?
CVE-2007-5401 is a vulnerability with a CVSS score of 6.5 (MEDIUM). Unrestricted file upload vulnerability in uploadrequest.asp in Layton HelpBox 3.7.1 allows remote authenticated users to upload and execute arbitrary ASP files, related to not properly checking file e...
How severe is CVE-2007-5401?
CVE-2007-5401 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-5401?
Check the references section above for vendor advisories and patch information. Affected products include: Layton Technology Helpbox.