Vulnerabilities > CVE-2006-2695 - Remote Security vulnerability in Dgnews
Attack vector
NETWORK Attack complexity
HIGH Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
admin/upprocess.php in DGNews 1.5 and earlier allows remote attackers to execute arbitrary code by uploading scripts with arbitrary extensions to the img directory. Successful exploitation requires access to the administration section.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |