CVE-2007-5738 Information

Description

The FlashUpload component in Korean GHBoard uses a client-side protection mechanism to prevent uploading of dangerous file extensions which allows remote attackers to bypass restrictions and upload arbitrary files via a modified copy of component/flashupload/upload.html.

Reference

http://osvdb.org/38920 http://securityreason.com/securityalert/3325 http://www.securityfocus.com/archive/1/482687/100/0/threaded http://www.securityfocus.com/bid/26182