Vulnerabilities > CVE-2006-1363 - Remote Security vulnerability in Justin White Freewps 2.11
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
images.php in Justin White (aka YTZ) Free Web Publishing System (FreeWPS) 2.11 allows remote attackers to execute arbitrary PHP code by uploading a .php file into the /upload directory as specified in the dirPath parameter, then performing a direct request to that file.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | FreeWPS <= 2.11 (images.php) Remote Code Execution Exploit. CVE-2006-1363. Webapps exploit for php platform |
file | exploits/php/webapps/1600.php |
id | EDB-ID:1600 |
last seen | 2016-01-31 |
modified | 2006-03-21 |
platform | php |
port | |
published | 2006-03-21 |
reporter | x128 |
source | https://www.exploit-db.com/download/1600/ |
title | FreeWPS <= 2.11 images.php Remote Code Execution Exploit |
type | webapps |