Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1363


Vulnerability Score 7.5 7.5
CVE Id CVE-2006-1363
Last Modified 07 Mar 2011 09:32:53
Published 23 Mar 2006 06:06:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



images.php in Justin White (aka YTZ) Free Web Publishing System (FreeWPS) 2.11 allows remote attackers to execute arbitrary PHP code by uploading a .php file into the /upload directory as specified in the dirPath parameter, then performing a direct request to that file.

Vulnerable Systems


  • Justin White Freewps 2.11


VUPEN - ADV-2006-1038

MILW0RM - 1600

XF - freewps-images-file-include(25377)

SECUNIA - 19343

Last Updated: 27 May 2016 10:42:02