VYPR
Vendor

Sergey Korostel

Products
1
CVEs
3
Across products
3
Status
Private

Products

1

Recent CVEs

3
  • CVE-2006-6360Dec 7, 2006
    risk 0.03cvss epss 0.04

    PHP remote file inclusion vulnerability in activate.php in PHP Upload Center 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the footerpage parameter.

  • CVE-2006-1207Mar 14, 2006
    risk 0.00cvss epss 0.02

    PHP Upload Center stores password hashes under the web root with insufficient access control, which allows remote attackers to download each password hash via a direct request for the upload/users/[USERNAME] file.

  • CVE-2006-1208Mar 14, 2006
    risk 0.00cvss epss 0.02

    Sergey Korostel PHP Upload Center allows remote attackers to execute arbitrary PHP code by uploading a file whose name ends in a .php.li extension, which can be accessed from the upload directory.