CVE-2006-2319
CVE-2006-2319 affects Ideal Science Ideal BB 1.5.4a and earlier. The vulnerability arises from improper validation of file extensions before upload, allowing a remote attacker to insert a 0x00 character before the ".asp" portion of a filename to upload and execute an ASP script on the server. The...