Описание
Incomplete blacklist vulnerability in Ideal Science Ideal BB 1.5.4a and earlier allows remote attackers to upload and execute an ASP script via a ".asa" file, which bypasses the check for the ".asp" extension but is executable on the server.
Incomplete blacklist vulnerability in Ideal Science Ideal BB 1.5.4a and earlier allows remote attackers to upload and execute an ASP script via a ".asa" file, which bypasses the check for the ".asp" extension but is executable on the server.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2006-2318
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26353
- http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/045887.html
- http://secunia.com/advisories/20035
- http://securityreason.com/securityalert/871
- http://www.idealscience.com/ibb/posts.aspx?postID=24415
- http://www.osvdb.org/25456
- http://www.securityfocus.com/archive/1/433248/100/0/threaded
- http://www.securityfocus.com/bid/17920
- http://www.vupen.com/english/advisories/2006/1729
EPSS
Процентиль: 78%
0.01119
Низкий
CVE ID
Связанные уязвимости
nvd
больше 19 лет назад
Incomplete blacklist vulnerability in Ideal Science Ideal BB 1.5.4a and earlier allows remote attackers to upload and execute an ASP script via a ".asa" file, which bypasses the check for the ".asp" extension but is executable on the server.
EPSS
Процентиль: 78%
0.01119
Низкий