Lucene search

K
cve[email protected]CVE-2006-6994
HistoryFeb 12, 2007 - 11:28 a.m.

CVE-2006-6994

2007-02-1211:28:00
CWE-434
web.nvd.nist.gov
25
vulnerability
file upload
security
ozzywork gallery
remote attack
nvd

7.7 High

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

0.022 Low

EPSS

Percentile

89.3%

Unrestricted file upload vulnerability in add.asp in OzzyWork Gallery, possibly 2.0 and earlier, allows remote attackers to upload and execute arbitrary ASP files by removing the client-side security checks.

7.7 High

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

0.022 Low

EPSS

Percentile

89.3%

Related for CVE-2006-6994