Vulnerabilities > CVE-2006-0936 - Unspecified vulnerability in Free Host Shop Website Generator 3.3
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN free-host-shop
exploit available
Summary
Free Host Shop Website Generator 3.3 allows remote authenticated users with administrative privileges to upload and execute arbitrary files via a formname parameter with a filename containing a dangerous file extension and a trailing %00.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | FreeHostShop Website Generator 3.3 Arbitrary File Upload Vulnerability. CVE-2006-0936. Webapps exploit for php platform |
| id | EDB-ID:27312 |
| last seen | 2016-02-03 |
| modified | 2006-02-25 |
| published | 2006-02-25 |
| reporter | NSA Group |
| source | https://www.exploit-db.com/download/27312/ |
| title | FreeHostShop Website Generator 3.3 - Arbitrary File Upload Vulnerability |
References
- http://nsag.ru/vuln/894.html
- http://nsag.ru/vuln/894.html
- http://secunia.com/advisories/19014
- http://secunia.com/advisories/19014
- http://www.securityfocus.com/archive/1/426077/100/0/threaded
- http://www.securityfocus.com/archive/1/426077/100/0/threaded
- http://www.securityfocus.com/bid/16823
- http://www.securityfocus.com/bid/16823