Vulnerabilities > CVE-2006-3939 - Unspecified vulnerability in Scriptscenter Ezupload PRO 2.2

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

scriptscenter

NVD

Published: 2006-07-31

Updated: 2024-11-21

Summary

ScriptsCenter ezUpload Pro 2.2.0 allows remote attackers to perform administrative activities without authentication in (1) filter.php, which permits changing the Extensions Mode file type; (2) access.php, which permits changing the Protection Method; (3) edituser.php, which permits adding upload capabilities to user accounts; (4) settings.php, which permits changing the admin information; and (5) index.php, which permits uploading of arbitrary files.

Vulnerable Configurations

Part	Description	Count
Application	Scriptscenter Scriptscenter Ezupload PRO 2.2	1

References

http://securityreason.com/securityalert/1305
http://securityreason.com/securityalert/1305
http://www.securityfocus.com/archive/1/441172/100/0/threaded
http://www.securityfocus.com/archive/1/441172/100/0/threaded
http://www.securityfocus.com/bid/19175
http://www.securityfocus.com/bid/19175