CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2006-0695

Ansilove before 1.03 does not filter uploaded file extensions, which allows remote attackers to execute arbitrary code by uploading arbitrary files with dangerous extensions, then accessing them directly in the upload directory.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.025

EPSS Ranking 84.7%

CVSS Severity

CVSS v2 Score 7.5

References

http://secunia.com/advisories/18810
http://sourceforge.net/project/shownotes.php?release_id=392826
http://www.securityfocus.com/bid/16603
http://www.vupen.com/english/advisories/2006/0536
https://exchange.xforce.ibmcloud.com/vulnerabilities/24684
http://secunia.com/advisories/18810
http://sourceforge.net/project/shownotes.php?release_id=392826
http://www.securityfocus.com/bid/16603
http://www.vupen.com/english/advisories/2006/0536
https://exchange.xforce.ibmcloud.com/vulnerabilities/24684

Products affected by CVE-2006-0695

Ansilove » Ansilove » Version: 1.01

cpe:2.3:a:ansilove:ansilove:1.01
Ansilove » Ansilove » Version: 1.02

cpe:2.3:a:ansilove:ansilove:1.02

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-0695

Products

Pricing

Contact Us