Description
Unrestricted file upload vulnerability in RapidKill (aka PHP Rapid Kill) 5.7 Pro, and certain other versions, allows remote attackers to upload and execute arbitrary PHP scripts via the "Link to Download" field. NOTE: it is possible that the field value is restricted to files on specific public web sites.
Exploits (1)
References (3)
Core 3
Core References
Third Party Advisory third-party-advisory
x_refsource_sreason
http://securityreason.com/securityalert/1862
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/20896
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/450681/100/0/threaded
Scores
EPSS
0.0343
EPSS Percentile
87.5%
Details
Status
published
Products (1)
php_rapid_kill/php_rapid_kill
5.7_pro
Published
Nov 15, 2006
Tracked Since
Feb 18, 2026