cbcvebase.
CVE-2006-6338
published 2006-12-07

CVE-2006-6338: Unrestricted file upload vulnerability in upload/index.php in deV!L`z Clanportal (DZCP) before 1.3.6.1 allows remote attackers to upload and execute arbitrary…

PriorityP338medium5CVSS 2.0
AVNACLAuNCNIPAN
EXPLOIT
EPSS
2.58%
83.3th percentile
Unrestricted file upload vulnerability in upload/index.php in deV!L`z Clanportal (DZCP) before 1.3.6.1 allows remote attackers to upload and execute arbitrary .php files by embedding PHP code in a JPEG or GIF file that is uploaded to inc/images/uploads/userpics/.

Affected

1 ranges
VendorProductVersion rangeFixed in
devilz_clanportaldevilz_clanportal
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.