CVE-2006-3128
CVE-2006-3128 · MEDIUM Severity
AV:N/AC:H/AU:S/C:P/I:P/A:P
choose_file.php in easy-CMS 0.1.2, when mod_mime is installed, does not restrict uploads of filenames with multiple extensions, which allows remote attackers to execute arbitrary PHP code by uploading a PHP file with a GIF file extension, then directly accessing that file in the Repositories directory.
Learn more about our Cms Pen Testing.