CVE-2006-2931

2006-06-2119:00:00

flexera

www.cve.org

AI Score

7.7

Confidence

High

EPSS

0.03

Percentile

90.9%

JSON

CMS Mundo before 1.0 build 008 does not properly verify uploaded image files, which allows remote attackers to execute arbitrary PHP code by uploading and later directly accessing certain files.

References

secunia.com/advisories/20362

secunia.com/secunia_research/2006-43/advisory/

securitytracker.com/id?1016311

www.osvdb.org/26465

www.securityfocus.com/archive/1/437183/100/200/threaded

www.vupen.com/english/advisories/2006/2348

exchange.xforce.ibmcloud.com/vulnerabilities/27094