CVE-2008-4767 – PHP-Nuke DownloadsPlus Module - Arbitrary File Upload

https://notcve.org/view.php?id=CVE-2008-4767

Unrestricted file upload vulnerability in the DownloadsPlus module in PHP-Nuke allows remote attackers to execute arbitrary code by uploading a file with (1) .htm, (2) .html, or (3) .txt extensions, then accessing it via a direct request to the file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. NOTE: it is unclear how allowing the upload of .html or .txt files supports arbitrary code execution; this might be legitimate functionality. Vulnerabilidad de subida de fichero sin restricción en el módulo DownloadsPlus en PHP-Nuke, permite a atacantes remotos ejecutar código de su elección a través la subida de ficheros con la extensión (1) .htm, (2) .html, o (3) .txt y después accediendo a ellos mediante una petición directa al archivo. NOTA: el origen de esta información es desconocido. • https://www.exploit-db.com/exploits/31702 http://www.juniper.net/security/auto/vulnerabilities/vuln28919.html http://www.securityfocus.com/bid/28919 https://exchange.xforce.ibmcloud.com/vulnerabilities/42007 • CWE-20: Improper Input Validation •