Vulnerability Description
Unrestricted file upload vulnerability in RapidKill (aka PHP Rapid Kill) 5.7 Pro, and certain other versions, allows remote attackers to upload and execute arbitrary PHP scripts via the "Link to Download" field. NOTE: it is possible that the field value is restricted to files on specific public web sites.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Php Rapid Kill | Php Rapid Kill | 5.7_pro |
References
- http://securityreason.com/securityalert/1862
- http://www.securityfocus.com/archive/1/450681/100/0/threaded
- http://www.securityfocus.com/bid/20896
- http://securityreason.com/securityalert/1862
- http://www.securityfocus.com/archive/1/450681/100/0/threaded
- http://www.securityfocus.com/bid/20896
FAQ
What is CVE-2006-5918?
CVE-2006-5918 is a vulnerability with a CVSS score of 7.5 (HIGH). Unrestricted file upload vulnerability in RapidKill (aka PHP Rapid Kill) 5.7 Pro, and certain other versions, allows remote attackers to upload and execute arbitrary PHP scripts via the "Link to Downl...
How severe is CVE-2006-5918?
CVE-2006-5918 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-5918?
Check the references section above for vendor advisories and patch information. Affected products include: Php Rapid Kill Php Rapid Kill.