cbcvebase.
CVE-2006-2743
published 2006-06-01

CVE-2006-2743: Drupal 4.6.x before 4.6.7 and 4.7.0, when running on Apache with mod_mime, does not properly handle files with multiple extensions, which allows remote…

PriorityP345medium5.1CVSS 2.0
AVNACHAuNCPIPAP
EXPLOIT
EPSS
11.12%
95.4th percentile
Drupal 4.6.x before 4.6.7 and 4.7.0, when running on Apache with mod_mime, does not properly handle files with multiple extensions, which allows remote attackers to upload, modify, or execute arbitrary files in the files directory.

Affected

11 ranges
VendorProductVersion rangeFixed in
drupaldrupal
drupaldrupal
drupaldrupal
drupaldrupal
drupaldrupal
drupaldrupal
drupaldrupal
drupaldrupal
drupaldrupal
drupaldrupal
drupaldrupal
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.