Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-1704

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2006-1704
Last Modified 05 Sep 2008 05:02:36
Published 11 Apr 2006 06:02:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-1704

Summary

Sire 2.0 nws allows remote attackers to upload arbitrary image files without authentication via a direct request to upload.php.

Vulnerable Systems

Application

  • Hubert Plisson Sire 2.0


References

BID - 17431

BUGTRAQ - 20060407 Sire 2.0 Nws Remote File inclusion & Arbitary Files Upload

XF - sire-upload-auth-bypass(25727)

SECTRACK - 1015885


Last Updated: 27 May 2016 10:42:10