CVE-2008-3117 in PHPmotion信息

摘要

由 VulDB • 2026-07-03

PHPmotion 2.0及更早版本中update_profile.php存在不受限制的文件上传漏洞,远程经过身份验证的用户可通过上传内容类型为(1)image/gif、(2)image/jpeg或(3)image/pjpeg的.php文件,然后通过直接请求pictures/目录下的该文件来执行任意代码。

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

来源

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!