5.1
CVE-2006-2743
- EPSS 11.12%
- Veröffentlicht 01.06.2006 10:02:00
- Zuletzt bearbeitet 16.06.2026 22:25:39
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Drupal 4.6.x before 4.6.7 and 4.7.0, when running on Apache with mod_mime, does not properly handle files with multiple extensions, which allows remote attackers to upload, modify, or execute arbitrary files in the files directory.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 11.12% | 0.954 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.1 | 4.9 | 6.4 |
AV:N/AC:H/Au:N/C:P/I:P/A:P
|
http://secunia.com/advisories/20140
http://secunia.com/advisories/21244
http://www.debian.org/security/2006/dsa-1125
http://www.securityfocus.com/bid/18245
http://www.vupen.com/english/advisories/2006/1975
http://drupal.org/node/65409
http://www.securityfocus.com/archive/1/435794/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/26655
https://www.exploit-db.com/exploits/1821