RSS   Vulnerabilities for 'Website generator'   RSS

2006-02-28
 
CVE-2006-0936

CWE-Other
 

 
Free Host Shop Website Generator 3.3 allows remote authenticated users with administrative privileges to upload and execute arbitrary files via a formname parameter with a filename containing a dangerous file extension and a trailing %00.

 


Copyright 2024, cxsecurity.com

 

Back to Top