Vulnerability Details CVE-2006-0702
admin/upload.php in imageVue 16.1 allows remote attackers to upload arbitrary files to certain allowed folders via .. (dot dot) sequences in the path parameter. NOTE: due to the lack of details, the specific vulnerability type cannot be determined, although it might be due to directory traversal.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.048
EPSS Ranking 89.1%
CVSS Severity
CVSS v2 Score 5.0
References
- http://secunia.com/advisories/18802
- http://www.securityfocus.com/archive/1/424745/30/0/threaded
- http://www.securityfocus.com/bid/16594
- http://www.vupen.com/english/advisories/2006/0570
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24633
- http://secunia.com/advisories/18802
- http://www.securityfocus.com/archive/1/424745/30/0/threaded
- http://www.securityfocus.com/bid/16594
- http://www.vupen.com/english/advisories/2006/0570
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24633