The document management module in NOLA 1.1.1 and 1.1.2 does not restrict the types of files that are uploaded, which allows remote attackers to upload and execute arbitrary PHP files with extensions such as .php4.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2005-06-28T04:00:00
Updated: 2024-08-08T03:43:33.477Z
Reserved: 2005-06-29T00:00:00
Link: CVE-2002-1841
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2002-12-31T05:00:00.000
Modified: 2024-01-26T20:01:19.840
Link: CVE-2002-1841
Redhat
No data.