CVE-2006-4581

2007-01-0320:00:00

flexera

www.cve.org

AI Score

6.9

Confidence

High

EPSS

0.011

Percentile

84.3%

JSON

Unrestricted file upload vulnerability in The Address Book 1.04e validates the Content-Type header but not the file extension, which allows remote attackers to upload arbitrary PHP scripts.

References

osvdb.org/32560

secunia.com/advisories/21694

secunia.com/secunia_research/2006-76/advisory/

www.securityfocus.com/bid/21870

exchange.xforce.ibmcloud.com/vulnerabilities/31250