Arbitrary File Inclusion Vulnerability in PHPSimplicity Simplicity oF Upload before 1.3.1

CVE-2005-2607 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

PHP file include vulnerability in download.php in PHPSimplicity Simplicity oF Upload before 1.3.1 allows remote attackers to include arbitrary local and remote files via the language parameter and a terminating null ("%00") characters.

Learn more about our Web Application Penetration Testing UK.