2 matches found
CVE-2006-2695
admin/upprocess.php in DGNews 1.5 and earlier allows remote attackers to execute arbitrary code by uploading scripts with arbitrary extensions to the img directory...
CVE-2006-2695
The CVE-2006-2695 entry concerns DGNews 1.5 and earlier, where the file admin/upprocess.php allows remote code execution by uploading scripts with arbitrary extensions into the img directory. The vulnerability stems from improper handling of uploaded files, enabling an attacker to run arbitrary c...