CVE-2006-2695

CVE-2006-2695

EPSS 2.3%

admin/upprocess.php in DGNews 1.5 and earlier allows remote attackers to execute arbitrary code by uploading scripts with arbitrary extensions to the img directory.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://pridels0.blogspot.com/2006/05/dgnews-v-15-file-upload-vuln.html http://secunia.com/advisories/20340 http://securitytracker.com/id?1016174 https://exchange.xforce.ibmcloud.com/vulnerabilities/26790 http://www.vupen.com/english/advisories/2006/2054