PT-2007-1349 · Etomite · Etomite Cms

Rgod · Published 2007-02-27 · Updated 2018-10-16 · CVE-2006-7070

CVSS v2.0: 7.5 (High)
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions: Etomite CMS versions 0.6.1 and earlier
Description: The issue allows remote attackers to upload and execute arbitrary files. This is achieved by uploading a file whose filename contains a .php extension followed by a valid image extension, such as .gif or .jpg, via the nfile[] parameter. The attacker can then call the rename function to execute the uploaded file.
Recommendations: For Etomite CMS versions 0.6.1 and earlier, restrict access to the manager/media/ibrowser/scripts/rfiles.php script to prevent unauthorized file uploads. Reject filenames supplied in the nfile[] parameter that contain a .php extension followed by a valid image extension. As a temporary workaround, consider disabling the file upload functionality in the affected script until a patch is available.
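The weakness above is a double-extension bypass: the upload filter looks only at the trailing image extension, and a later rename turns the stored file into something the server executes. The following is an added example of how an upload handler can close both gaps; it is not Etomite's code or part of this advisory, and the allow-list of image extensions is an assumption.

```python
import os
import re

# Assumption: the endpoint only accepts raster images (constructed allow-list).
ALLOWED_EXTENSIONS = {"gif", "jpg", "jpeg", "png"}
# Extensions a typical PHP web server will execute; rejected anywhere in the name.
EXECUTABLE_EXTENSIONS = {"php", "php3", "php4", "php5", "phtml", "phar"}

_SAFE_BASE = re.compile(r"^[A-Za-z0-9_-]+$")


def is_safe_upload_name(filename: str) -> bool:
    """Accept only a bare file name with exactly one dot, a conservative base
    name and an allow-listed final extension. Names such as 'shell.php.gif'
    fail because they have more than one dot and contain an executable
    extension in an inner position."""
    # Reject path separators and traversal components: must be a single component.
    if filename != os.path.basename(filename) or filename in ("", ".", ".."):
        return False
    parts = filename.lower().split(".")
    if len(parts) != 2:          # rejects 'foo', '.htaccess', 'shell.php.gif'
        return False
    base, ext = parts
    if not _SAFE_BASE.fullmatch(base):
        return False
    if any(p in EXECUTABLE_EXTENSIONS for p in parts):
        return False
    return ext in ALLOWED_EXTENSIONS


def is_safe_rename(old_name: str, new_name: str) -> bool:
    """A rename must keep both names valid and must not change the extension,
    so a stored image can never be turned into an executable file."""
    if not (is_safe_upload_name(old_name) and is_safe_upload_name(new_name)):
        return False
    old_ext = old_name.rsplit(".", 1)[1].lower()
    new_ext = new_name.rsplit(".", 1)[1].lower()
    return old_ext == new_ext
```

Validating both the upload name and the rename target with the same rule is what prevents the two-step pattern described in the advisory.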

Exploit

Fix

RCE


Weakness Enumeration

Related identifiers

CVE-2006-7070

Affected products

Etomite Cms