Skip to main content

CVE-2006-6338

Severity Medium
Score 5/10

Summary

Unrestricted file upload vulnerability in upload/index.php in deV!L`z Clanportal (DZCP) before 1.3.6.1 allows remote attackers to upload and execute arbitrary .php files by embedding PHP code in a JPEG or GIF file that is uploaded to inc/images/uploads/userpics/.

  • LOW
  • NETWORK
  • NONE
  • PARTIAL
  • NONE
  • NONE

References

Advisory Timeline

  • Published