CVE-2006-5411
published 2006-10-20CVE-2006-5411: Unrestricted file upload vulnerability in upload.php for Free Web Publishing System (FreeWPS), possibly 2.11 and earlier, allows remote attackers to upload and…
PriorityP349high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
2.57%
83.2th percentile
Unrestricted file upload vulnerability in upload.php for Free Web Publishing System (FreeWPS), possibly 2.11 and earlier, allows remote attackers to upload and execute arbitrary PHP programs.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| justin_white | freewps | <= 2.11 | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
Justin White FreeWPS 2.11 File Upload upload.php privileges management (EDB-28795 / XFDB-29379)
vuldb·2026-04-25·CVSS 7.5
CVE-2006-5411 [HIGH] Justin White FreeWPS 2.11 File Upload upload.php privileges management (EDB-28795 / XFDB-29379)
A vulnerability was found in Justin White FreeWPS 2.11 and classified as critical. Impacted is an unknown function of the file upload.php of the component File Upload. The manipulation results in improper privilege management.
This vulnerability is reported as CVE-2006-5411. The attack can be launched remotely. Moreover, an exploit is present.
GHSA
GHSA-f39c-vhw5-3cc3: Unrestricted file upload vulnerability in upload
ghsa_unreviewed·2022-05-01
CVE-2006-5411 [HIGH] GHSA-f39c-vhw5-3cc3: Unrestricted file upload vulnerability in upload
Unrestricted file upload vulnerability in upload.php for Free Web Publishing System (FreeWPS), possibly 2.11 and earlier, allows remote attackers to upload and execute arbitrary PHP programs.
No detection rules found.
No writeups or analysis indexed.
http://secunia.com/advisories/19343http://securityreason.com/securityalert/1746http://www.securityfocus.com/archive/1/447870/100/200/threadedhttp://www.securityfocus.com/bid/20494https://exchange.xforce.ibmcloud.com/vulnerabilities/29379http://secunia.com/advisories/19343http://securityreason.com/securityalert/1746http://www.securityfocus.com/archive/1/447870/100/200/threadedhttp://www.securityfocus.com/bid/20494https://exchange.xforce.ibmcloud.com/vulnerabilities/29379
2006-10-20
Published