CVE-2006-1363

2006-03-23T11:06:00
ID CVE-2006-1363
Type cve
Reporter cve@mitre.org
Modified 2017-10-11T01:30:00

Description

images.php in Justin White (aka YTZ) Free Web Publishing System (FreeWPS) 2.11 allows remote attackers to execute arbitrary PHP code by uploading a .php file into the /upload directory as specified in the dirPath parameter, then performing a direct request to that file.