Lucene search
MitreCVELIST:CVE-2006-2319HistoryMay 12, 2006 - 12:00 a.m.
CVE-2006-2319
2006-05-1200:00:00
mitre
www.cve.org
Ideal Science Ideal BB 1.5.4a and earlier does not properly check file extensions before permitting an upload, which allows remote attackers to upload and execute an ASP script via a 0x00 character before the “.asp” portion of the filename.
References
lists.grok.org.uk/pipermail/full-disclosure/2006-May/045887.html
secunia.com/advisories/20035
securityreason.com/securityalert/871
www.idealscience.com/ibb/posts.aspx?postID=24415
www.osvdb.org/25456
www.securityfocus.com/archive/1/433248/100/0/threaded
www.securityfocus.com/bid/17920
www.vupen.com/english/advisories/2006/1729
exchange.xforce.ibmcloud.com/vulnerabilities/26353
Related
cve
cve
CVE-2006-2319
2006-05-12 00:02:00
nvd
nvd
CVE-2006-2319
2006-05-12 00:02:00
prion
prion
Design/Logic Flaw
2006-05-12 00:02:00
nessus
nessus
IdealBB < 1.5.4b Multiple Vulnerabilities (XSS, SQLi, Upload, Traversal)
2006-05-11 00:00:00