CVE-2006-6570

Unrestricted file upload vulnerability in upload.php in GenesisTrader 1.0 allows remote authenticated users to upload arbitrary files via unspecified vectors, possibly involving form.php and the ajoutfich "foap" action.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://securityreason.com/securityalert/2035
http://www.securityfocus.com/archive/1/454385/100/0/threaded
http://www.securityfocus.com/bid/21595
https://exchange.xforce.ibmcloud.com/vulnerabilities/30889

Configurations

Configuration 1 (hide)

cpe:2.3:a:genesistrader:genesistrader:1.0:*:*:*:*:*:*:*

History

No history.

Information

Published : 2006-12-15 11:28

Updated : 2018-10-17 21:49

NVD link : CVE-2006-6570

Mitre link : CVE-2006-6570

CVE.ORG link : CVE-2006-6570

JSON object : View

Products Affected

genesistrader

genesistrader

CWE

NVD-CWE-Other

7.5 /10