CVE-2006-2318

2006-05-12T00:02:00
ID CVE-2006-2318
Type cve
Reporter cve@mitre.org
Modified 2018-10-18T16:39:00

Description

Incomplete blacklist vulnerability in Ideal Science Ideal BB 1.5.4a and earlier allows remote attackers to upload and execute an ASP script via a ".asa" file, which bypasses the check for the ".asp" extension but is executable on the server. This vulnerability is addressed in the following product release: Ideal Science, Ideal BB, 1.5.4b