Vulnerability Database

318,756

Total vulnerabilities in the database

CVE-2005-0269

The file extension check in GNUBoard 3.40 and earlier only verifies extensions that contain all lowercase letters, which allows remote attackers to upload arbitrary files via file extensions that include uppercase letters.

Published: May 2, 2005
Updated: Nov 9, 2025
CVE: CVE-2005-0269
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

CWE-178

Affected Software
References

Software	From	Fixed in
sir / gnuboard	-	3.40.x

http://marc.info/?l=bugtraq&m=110477648219738&w=2
http://secunia.com/advisories/13711
http://www.securityfocus.com/bid/12149
https://exchange.xforce.ibmcloud.com/vulnerabilities/18729

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo