NuytsTech Security

CVE-2006-2318

by ·

Incomplete blacklist vulnerability in Ideal Science Ideal BB 1.5.4a and earlier allows remote attackers to upload and execute an ASP script via a ".asa" file, which bypasses the check for the ".asp" extension but is executable on the server.

Date published : 2006-05-11

http://www.securityfocus.com/bid/17920

http://www.securityfocus.com/archive/1/433248/100/0/threaded

Tags: