Vulnerabilities > CVE-2006-2931 - Unspecified vulnerability in Hotwebscripts CMS Mundo 1.0/1.0Build007
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
CMS Mundo before 1.0 build 008 does not properly verify uploaded image files, which allows remote attackers to execute arbitrary PHP code by uploading and later directly accessing certain files.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
References
- http://secunia.com/advisories/20362
- http://secunia.com/advisories/20362
- http://secunia.com/secunia_research/2006-43/advisory/
- http://secunia.com/secunia_research/2006-43/advisory/
- http://securitytracker.com/id?1016311
- http://securitytracker.com/id?1016311
- http://www.osvdb.org/26465
- http://www.osvdb.org/26465
- http://www.securityfocus.com/archive/1/437183/100/200/threaded
- http://www.securityfocus.com/archive/1/437183/100/200/threaded
- http://www.vupen.com/english/advisories/2006/2348
- http://www.vupen.com/english/advisories/2006/2348
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27094
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27094