← back
CVE-2006-0936

CVE-2006-0936

EPSS 2.3%
Free Host Shop Website Generator 3.3 allows remote authenticated users with administrative privileges to upload and execute arbitrary files via a formname parameter with a filename containing a dangerous file extension and a trailing %00.
Affected products
n/a · n/a
public PoCs found1
exploitdbwww.exploit-db.com/exploits/27312unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://nsag.ru/vuln/894.htmlhttp://secunia.com/advisories/19014http://www.securityfocus.com/archive/1/426077/100/0/threadedhttp://www.securityfocus.com/bid/16823