2 matches found
CVE-2006-6511
dadaIMC .99.3 uses an insufficiently restrictive FilesMatch directive in the installed .htaccess file, which allows remote attackers to execute arbitrary PHP code by uploading files whose names contain 1 feature, 2 editor, 3 newswire, 4 otherpress, 5 admin, 6 pbook, 7 media, or 8 mod, which are...
CVE-2006-6511
The CVE-2006-6511 entry concerns the product dadaIMC .99.3, where an insufficiently restrictive FilesMatch directive in the installed .htaccess allows remote attackers to execute arbitrary PHP code. Specifically, uploaded files whose names contain any of the words: feature, editor, newswire, othe...