CVE-2007-0505 Information

Description

Unrestricted file upload vulnerability in the Project issue tracking 4.7.0 through 5.x before 20070123 a module for Drupal allows remote authenticated users to execute arbitrary code by attaching a file with executable or multiple extensions to a project issue.

Reference

http://drupal.org/node/112146 http://osvdb.org/32134 http://secunia.com/advisories/23887 http://www.securityfocus.com/bid/22224 http://www.vupen.com/english/advisories/2007/0312 https://exchange.xforce.ibmcloud.com/vulnerabilities/31729