Skip to main content

CVE-2006-0936

Severity Medium
Score 6.5/10

Summary

Free Host Shop Website Generator 3.3 allows remote authenticated users with administrative privileges to upload and execute arbitrary files via a formname parameter with a filename containing a dangerous file extension and a trailing %00.

  • LOW
  • NETWORK
  • SINGLE
  • PARTIAL
  • PARTIAL
  • PARTIAL

References

Advisory Timeline

  • Published