Vulnerabilities > CVE-2006-2899 - Unspecified vulnerability in Estsoft Internetdisk

047910
CVSS 6.5 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
SINGLE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
estsoft
exploit available
NVD
Published: 2006-06-07
Updated: 2018-10-18

Summary

Unspecified vulnerability in ESTsoft InternetDISK versions before 2006/04/20 allows remote authenticated users to execute arbitrary code, possibly by uploading a file with multiple extensions into the WebLink directory. This vulnerability is addressed in the following product release: ESTsoft, InternetDISK, (version released 2006.04.20)

Vulnerable Configurations

Part Description Count
Application
Estsoft
1

Exploit-Db

descriptionESTsoft InternetDisk Arbitrary File Upload and Script Execution Vulnerability. CVE-2006-2899. Webapps exploit for php platform
idEDB-ID:27972
last seen2016-02-03
modified2006-06-05
published2006-06-05
reporterKil13r
sourcehttps://www.exploit-db.com/download/27972/
titleESTsoft InternetDisk Arbitrary File Upload and Script Execution Vulnerability

References