Vulnerabilities > CVE-2006-0936 - Unspecified vulnerability in Free Host Shop Website Generator 3.3
Attack vector
NETWORK Attack complexity
LOW Privileges required
SINGLE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Free Host Shop Website Generator 3.3 allows remote authenticated users with administrative privileges to upload and execute arbitrary files via a formname parameter with a filename containing a dangerous file extension and a trailing %00.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | FreeHostShop Website Generator 3.3 Arbitrary File Upload Vulnerability. CVE-2006-0936. Webapps exploit for php platform |
id | EDB-ID:27312 |
last seen | 2016-02-03 |
modified | 2006-02-25 |
published | 2006-02-25 |
reporter | NSA Group |
source | https://www.exploit-db.com/download/27312/ |
title | FreeHostShop Website Generator 3.3 - Arbitrary File Upload Vulnerability |