PT-2006-7172 · Genesistrader · Genesistrader

Mr_Kaliman · Published 2006-12-15 · Updated 2018-10-17 · CVE-2006-6570

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

GenesisTrader version 1.0

Description

GenesisTrader 1.0 has an unrestricted file upload vulnerability that allows remote authenticated users to upload arbitrary files. The vulnerability possibly involves form.php and the ajoutfich action with the foap parameter.

Recommendations

For GenesisTrader version 1.0, consider restricting access to the upload.php file and to the ajoutfich action in form.php to prevent arbitrary file uploads until a fix is available. As a temporary workaround, restrict use of the foap parameter to minimize the risk of exploitation.


Related identifiers

CVE-2006-6570

Affected products

Genesistrader