CVE-2005-4814

HIGH

Unrestricted file upload vulnerability in Segue CMS before 1.3.6, when the Apache HTTP Server handles .phtml files with the PHP interpreter, allows remote attackers to upload and execute arbitrary PHP code by placing .phtml files in the userfiles/ directory.

CVSS v2.0 Score

7.5

/ 10.0

HIGH

AV:N/AC:L/Au:N/C:P/I:P/A:P

Information

Published: 31 déc. 2005
Updated: 16 avr. 2026
Status: Modified
Source: cve@mitre.org

Affected products

middlebury college segue cms

Versions : 1.3.5

Weaknesses (CWE)

NVD-CWE-Other

References (4)

http://sourceforge.net/project/shownotes.php?release_id=456920&group_id=82171
http://www.osvdb.org/29902
http://sourceforge.net/project/shownotes.php?release_id=456920&group_id=82171
http://www.osvdb.org/29902

Monitor your products

Get automatic alerts for every new CVE affecting your equipment.

Enable monitoring