CVE-2006-2319

2006-05-11T20:02:00
ID CVE-2006-2319
Type cve
Reporter NVD
Modified 2017-07-19T21:31:22

Description

Ideal Science Ideal BB 1.5.4a and earlier does not properly check file extensions before permitting an upload, which allows remote attackers to upload and execute an ASP script via a 0x00 character before the ".asp" portion of the filename.