CVE-2006-6338

Publication date

2006-12-07 01:00:00

Family

mitre

State

PUBLISHED

Description

Unrestricted file upload vulnerability in upload/index.php in deV!L`z Clanportal (DZCP) before 1.3.6.1 allows remote attackers to upload and execute arbitrary .php files by embedding PHP code in a JPEG or GIF file that is uploaded to inc/images/uploads/userpics/.