CVE-2006-3381

2006-07-0620:00:00

mitre

www.cve.org

AI Score

7.6

Confidence

High

EPSS

0.04

Percentile

92.1%

JSON

SturGeoN Upload allows remote attackers to execute arbitrary PHP code by uploading a file with a .php extension, then directly accessing the file. NOTE: It is uncertain whether this is a vulnerability or a feature of the product.

References

acidr00t.free.fr/poc/sturgeonupv1.txt

www.securityfocus.com/archive/1/438876/100/0/threaded

www.securityfocus.com/bid/18764

exchange.xforce.ibmcloud.com/vulnerabilities/27612