VYPR
Unrated severityNVD Advisory· Published Oct 23, 2007· Updated Jun 16, 2026

CVE-2007-5654

CVE-2007-5654

Description

LiteSpeed Web Server before 3.2.4 allows remote attackers to trigger use of an arbitrary MIME type for a file via a "%00." sequence followed by a new extension, as demonstrated by reading PHP source code via requests for .php%00.txt files, aka "Mime Type Injection."

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • cpe:2.3:a:litespeed_technologies:litespeed_web_server:*:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:litespeed_technologies:litespeed_web_server:*:*:*:*:*:*:*:*range: <=3.2.3
    • (no CPE)range: <3.2.4
    • (no CPE)range: <3.2.4

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.