{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-26T12:02:16.116","vulnerabilities":[{"cve":{"id":"CVE-2007-5071","sourceIdentifier":"cve@mitre.org","published":"2007-09-24T23:17:00.000","lastModified":"2026-06-16T22:45:23.690","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Incomplete blacklist vulnerability in upload_img_cgi.php in Simple PHP Blog before 0.5.1 allows remote attackers to upload dangerous files and execute arbitrary code, as demonstrated by a filename ending in .php. or a .htaccess file, a different vector than CVE-2005-2733. NOTE: the vulnerability was also present in a 0.5.1 download available in the early morning of 20070923.  NOTE: the original 20070920 disclosure provided an incorrect filename, img_upload_cgi.php."},{"lang":"es","value":"Una vulnerabilidad de lista negra incompleta en el archivo upload_img_cgi.php en Simple PHPBlog versiones anteriores a 0.5.1, permite a atacantes remotos cargar archivos peligrosos y ejecutar código arbitrario, como es demostrado por un nombre de archivo que termina en .php. o un archivo .htaccess, un vector diferente de CVE-2005-2733. NOTA: esta vulnerabilidad también estaba presente en una versión 0.5.1 descargada disponible temprano en la mañana del 20070923. NOTA: la divulgación original del 20070920 proporcionaba un nombre de archivo incorrecto, img_upload_cgi.php."}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":true,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-16"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:alexander_palmo:simple_php_blog:*:*:*:*:*:*:*:*","versionEndIncluding":"0.5.0.1","matchCriteriaId":"237B3BD1-0D05-42ED-AAB5-84C9286F1596"}]}]}],"references":[{"url":"http://secunia.com/advisories/26968","source":"cve@mitre.org"},{"url":"http://www.securenetwork.it/ricerca/advisory/download/SN-2007-03.txt","source":"cve@mitre.org"},{"url":"http://www.securityfocus.com/archive/1/480092/100/0/threaded","source":"cve@mitre.org"},{"url":"http://www.securityfocus.com/archive/1/480569/100/0/threaded","source":"cve@mitre.org"},{"url":"http://www.securityfocus.com/bid/25747","source":"cve@mitre.org"},{"url":"http://www.simplephpblog.com/comments.php?y=07&m=09&entry=entry070923-004446","source":"cve@mitre.org"},{"url":"http://www.simplephpblog.com/index.php?m=09&y=07","source":"cve@mitre.org"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/36785","source":"cve@mitre.org"},{"url":"http://secunia.com/advisories/26968","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securenetwork.it/ricerca/advisory/download/SN-2007-03.txt","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/archive/1/480092/100/0/threaded","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/archive/1/480569/100/0/threaded","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securityfocus.com/bid/25747","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.simplephpblog.com/comments.php?y=07&m=09&entry=entry070923-004446","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.simplephpblog.com/index.php?m=09&y=07","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/36785","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}