Unrated severityNVD Advisory· Published Jan 9, 2007· Updated Jun 16, 2026
CVE-2007-0123
CVE-2007-0123
Description
Unrestricted file upload vulnerability in Uber Uploader 4.2 allows remote attackers to upload and execute arbitrary PHP scripts by naming them with a .phtml extension, which bypasses the .php extension check but is still executable on some server configurations.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:uber_uploader:uber_uploader:4.2:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:uber_uploader:uber_uploader:4.2:*:*:*:*:*:*:*
- (no CPE)range: =4.2
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.