CVE-2006-2319

CVE-2006-2319 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

Ideal Science Ideal BB 1.5.4a and earlier does not properly check file extensions before permitting an upload, which allows remote attackers to upload and execute an ASP script via a 0x00 character before the ".asp" portion of the filename.

Learn more about our Web Application Penetration Testing UK.