Lucene search

[email protected]CVE-2006-6570

HistoryDec 15, 2006 - 11:28 a.m.

CVE-2006-6570

2006-12-1511:28:00

[email protected]

web.nvd.nist.gov

cve-2006-6570

unrestricted file upload

genesistrader 1.0

remote authenticated users

arbitrary files

form.php

vulnerability

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.9 Medium

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

81.1%

JSON

Unrestricted file upload vulnerability in upload.php in GenesisTrader 1.0 allows remote authenticated users to upload arbitrary files via unspecified vectors, possibly involving form.php and the ajoutfich “foap” action.

Affected configurations

NVD

Node

genesistradergenesistraderMatch1.0

CPENameOperatorVersion
genesistrader:genesistradergenesistradereq1.0

CPE	Name	Operator	Version
genesistrader:genesistrader	genesistrader	eq	1.0

References

securityreason.com/securityalert/2035

www.securityfocus.com/archive/1/454385/100/0/threaded

www.securityfocus.com/bid/21595

exchange.xforce.ibmcloud.com/vulnerabilities/30889

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.9 Medium

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

81.1%

JSON

Related for CVE-2006-6570

cvelist1 nvd1