CVE-2006-2318

Опубликовано: 12 мая 2006

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

Incomplete blacklist vulnerability in Ideal Science Ideal BB 1.5.4a and earlier allows remote attackers to upload and execute an ASP script via a ".asa" file, which bypasses the check for the ".asp" extension but is executable on the server.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ideal_science:idealbb:1.4.9:*:*:*:*:*:*:*

cpe:2.3:a:ideal_science:idealbb:1.4.9_beta:*:*:*:*:*:*:*

cpe:2.3:a:ideal_science:idealbb:1.4.9a:*:*:*:*:*:*:*

cpe:2.3:a:ideal_science:idealbb:1.5.0_beta1:*:*:*:*:*:*:*

cpe:2.3:a:ideal_science:idealbb:1.5.0_beta2:*:*:*:*:*:*:*

cpe:2.3:a:ideal_science:idealbb:1.5.0_beta3:*:*:*:*:*:*:*

cpe:2.3:a:ideal_science:idealbb:1.5.0_beta4:*:*:*:*:*:*:*

cpe:2.3:a:ideal_science:idealbb:1.5.0_rc1:*:*:*:*:*:*:*

cpe:2.3:a:ideal_science:idealbb:1.5.1:*:*:*:*:*:*:*

cpe:2.3:a:ideal_science:idealbb:1.5.2:*:*:*:*:*:*:*

cpe:2.3:a:ideal_science:idealbb:1.5.2a:*:*:*:*:*:*:*

cpe:2.3:a:ideal_science:idealbb:1.5.2b:*:*:*:*:*:*:*

cpe:2.3:a:ideal_science:idealbb:1.5.2c:*:*:*:*:*:*:*

cpe:2.3:a:ideal_science:idealbb:1.5.3:*:*:*:*:*:*:*

cpe:2.3:a:ideal_science:idealbb:1.5.3_beta1:*:*:*:*:*:*:*

cpe:2.3:a:ideal_science:idealbb:1.5.3_beta2:*:*:*:*:*:*:*

cpe:2.3:a:ideal_science:idealbb:1.5.3a:*:*:*:*:*:*:*

cpe:2.3:a:ideal_science:idealbb:1.5.3b:*:*:*:*:*:*:*

cpe:2.3:a:ideal_science:idealbb:1.5.4a:*:*:*:*:*:*:*

cpe:2.3:a:ideal_science:idealbb:1.5_beta1:*:*:*:*:*:*:*

cpe:2.3:a:ideal_science:idealbb:1.5_beta2:*:*:*:*:*:*:*

cpe:2.3:a:ideal_science:idealbb:1.5_beta3:*:*:*:*:*:*:*

cpe:2.3:a:ideal_science:idealbb:1.5_beta4:*:*:*:*:*:*:*

cpe:2.3:a:ideal_science:idealbb:1.5_beta5:*:*:*:*:*:*:*

cpe:2.3:a:ideal_science:idealbb:1.5_rc1:*:*:*:*:*:*:*

EPSS

Процентиль: 78%

0.01119

Низкий

7.5 High

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-jppq-8x4c-g99v

github

почти 4 года назад