Vulnerabilities > CVE-2006-4581 - Remote vulnerability in the Address Book the Address Book 1.04E
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE Summary
Unrestricted file upload vulnerability in The Address Book 1.04e validates the Content-Type header but not the file extension, which allows remote attackers to upload arbitrary PHP scripts.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |