Lucene search

K
cve[email protected]CVE-2006-2318
HistoryMay 12, 2006 - 12:02 a.m.

CVE-2006-2318

2006-05-1200:02:00
NVD-CWE-Other
web.nvd.nist.gov
24
cve-2006-2318
incomplete blacklist vulnerability
ideal science ideal bb
remote attackers
asp script
extension bypass
nvd

7.2 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.106 Low

EPSS

Percentile

94.9%

Incomplete blacklist vulnerability in Ideal Science Ideal BB 1.5.4a and earlier allows remote attackers to upload and execute an ASP script via a “.asa” file, which bypasses the check for the “.asp” extension but is executable on the server.

7.2 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.106 Low

EPSS

Percentile

94.9%

Related for CVE-2006-2318