2 matches found
CVE-2006-1704
Sire 2.0 nws allows remote attackers to upload arbitrary image files without authentication via a direct request to upload.php...
CVE-2006-1704
The CVE-2006-1704 entry concerns Sire 2.0 nws, where a flaw in upload.php allows remote attackers to upload arbitrary image files without authentication. The root cause is an unauthenticated file upload path via a direct request to upload.php, enabling an attacker to place image files on the serv...