CVE-2007-1255

Connectix Boards <0.7 - RCE

Title source: llm

Description

Unrestricted file upload vulnerability in admin.bbcode.php in Connectix Boards 0.7 and earlier allows remote authenticated administrators to execute arbitrary PHP code by uploading a crafted GIF smiley image with a .php extension via the uploadimage parameter to admin.php, which can be later accessed via a direct request for the file in smileys/. NOTE: this can be leveraged with a separate SQL injection issue for remote unauthenticated attacks.

Exploits (1)

exploitdb WORKING POC VERIFIED

by DarkFig · phpwebappsphp

https://www.exploit-db.com/exploits/3352

View Code ZIP pw:eip

References (5)

[Exploit, Vendor Advisory] http://secunia.com/advisories/24255

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/460947/100/0/threaded

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/3352

[Third Party Advisory, VDB Entry] http://osvdb.org/33538

[Third Party Advisory] http://securityreason.com/securityalert/2364

Scores

EPSS 0.0136

EPSS Percentile 80.2%

Details

Status published

Products (14)

connectix/connectix_boards 0.4

connectix/connectix_boards 0.4.1

connectix/connectix_boards 0.4.2

connectix/connectix_boards 0.4.3

connectix/connectix_boards 0.4.4

connectix/connectix_boards 0.5

connectix/connectix_boards 0.5.1

connectix/connectix_boards 0.5.2

connectix/connectix_boards 0.5.3

connectix/connectix_boards 0.5.4

... and 4 more

Published Mar 03, 2007

Tracked Since Feb 18, 2026