CVE-2006-0936

2006-02-2811:00:00

mitre

www.cve.org

7 High

AI Score

Confidence

Low

0.014 Low

EPSS

Percentile

86.3%

JSON

Free Host Shop Website Generator 3.3 allows remote authenticated users with administrative privileges to upload and execute arbitrary files via a formname parameter with a filename containing a dangerous file extension and a trailing %00.

References

nsag.ru/vuln/894.html

secunia.com/advisories/19014

www.securityfocus.com/archive/1/426077/100/0/threaded

www.securityfocus.com/bid/16823