CVE-2002-1759

The upload function in PHProjekt 2.0 through 3.1 does not properly verify certain variables related to uploaded data, which allows remote attackers to cause PHProjekt to process arbitrary files.

Published: Dec 31, 2002
Updated: Apr 13, 2023
CVE: CVE-2002-1759
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:P/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
phprojekt / phprojekt	2.3	2.3.x
phprojekt / phprojekt	2.4a	2.4a.x
phprojekt / phprojekt	3.1a	3.1a.x
phprojekt / phprojekt	2.2	2.2.x
phprojekt / phprojekt	2.4	2.4.x
phprojekt / phprojekt	2.1a	2.1a.x
phprojekt / phprojekt	3.1	3.1.x
phprojekt / phprojekt	3.0	3.0.x
phprojekt / phprojekt	2.1	2.1.x
phprojekt / phprojekt	2.0.1	2.0.1.x
phprojekt / phprojekt	2.0	2.0.x

http://archive.cert.uni-stuttgart.de/archive/bugtraq/2002/04/msg00361.html
http://www.securityfocus.com/bid/4597
https://exchange.xforce.ibmcloud.com/vulnerabilities/8944

Vulnerability Database

290,300

CVE-2002-1759