|
|
CVE Reference: CVE-2006-4859 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-4859 |
|
|
Description: Unrestricted file upload vulnerability in contact.html.php in the Contact (com_contact) component in Limbo (aka Lite Mambo) CMS 1.0.4.2L and earlier allows remote attackers to upload PHP code to the images/contact folder via a filename with a double extension in the contact_attach parameter in a contact option in index.php, which bypasses an insufficiently restrictive regular expression. |
|
|
CVE Status: Candidate |
|
|
References: MISC http://www.milw0rm.com/exploits/2370 BID 20044 |
|
| Return to the previous page. |
