CVE-2006-6994 Information

Description

Unrestricted file upload vulnerability in add.asp in OzzyWork Gallery possibly 2.0 and earlier allows remote attackers to upload and execute arbitrary ASP files by removing the client-side security checks.

Reference

http://marc.info/?l=bugtraq&m=114723238307299&w=2 http://secunia.com/advisories/20049 http://www.osvdb.org/25427 http://www.securityfocus.com/bid/17946 http://www.vupen.com/english/advisories/2006/1768 https://exchange.xforce.ibmcloud.com/vulnerabilities/26365