CVE-2006-6994

N/A Unknown

Published: February 12, 2007 Modified: April 23, 2026

Description

Unrestricted file upload vulnerability in add.asp in OzzyWork Gallery, possibly 2.0 and earlier, allows remote attackers to upload and execute arbitrary ASP files by removing the client-side security checks.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://marc.info/?l=bugtraq&m=114723238307299&w=2

Source: cve@mitre.org

Third Party Advisory

http://secunia.com/advisories/20049

Source: cve@mitre.org

Broken Link Permissions Required

http://www.osvdb.org/25427

Source: cve@mitre.org

Broken Link

http://www.securityfocus.com/bid/17946

Source: cve@mitre.org

Broken Link Third Party Advisory VDB Entry

http://www.vupen.com/english/advisories/2006/1768

Source: cve@mitre.org

Broken Link Not Applicable

https://exchange.xforce.ibmcloud.com/vulnerabilities/26365

Source: cve@mitre.org

Third Party Advisory VDB Entry

http://marc.info/?l=bugtraq&m=114723238307299&w=2