Unrated severityNVD Advisory· Published May 12, 2006· Updated Apr 16, 2026
CVE-2006-2318
CVE-2006-2318
Description
Incomplete blacklist vulnerability in Ideal Science Ideal BB 1.5.4a and earlier allows remote attackers to upload and execute an ASP script via a ".asa" file, which bypasses the check for the ".asp" extension but is executable on the server.
Affected products
25cpe:2.3:a:ideal_science:idealbb:1.4.9:*:*:*:*:*:*:*+ 24 more
- cpe:2.3:a:ideal_science:idealbb:1.4.9:*:*:*:*:*:*:*
- cpe:2.3:a:ideal_science:idealbb:1.4.9a:*:*:*:*:*:*:*
- cpe:2.3:a:ideal_science:idealbb:1.4.9_beta:*:*:*:*:*:*:*
- cpe:2.3:a:ideal_science:idealbb:1.5.0_beta1:*:*:*:*:*:*:*
- cpe:2.3:a:ideal_science:idealbb:1.5.0_beta2:*:*:*:*:*:*:*
- cpe:2.3:a:ideal_science:idealbb:1.5.0_beta3:*:*:*:*:*:*:*
- cpe:2.3:a:ideal_science:idealbb:1.5.0_beta4:*:*:*:*:*:*:*
- cpe:2.3:a:ideal_science:idealbb:1.5.0_rc1:*:*:*:*:*:*:*
- cpe:2.3:a:ideal_science:idealbb:1.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:ideal_science:idealbb:1.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:ideal_science:idealbb:1.5.2a:*:*:*:*:*:*:*
- cpe:2.3:a:ideal_science:idealbb:1.5.2b:*:*:*:*:*:*:*
- cpe:2.3:a:ideal_science:idealbb:1.5.2c:*:*:*:*:*:*:*
- cpe:2.3:a:ideal_science:idealbb:1.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:ideal_science:idealbb:1.5.3a:*:*:*:*:*:*:*
- cpe:2.3:a:ideal_science:idealbb:1.5.3b:*:*:*:*:*:*:*
- cpe:2.3:a:ideal_science:idealbb:1.5.3_beta1:*:*:*:*:*:*:*
- cpe:2.3:a:ideal_science:idealbb:1.5.3_beta2:*:*:*:*:*:*:*
- cpe:2.3:a:ideal_science:idealbb:1.5.4a:*:*:*:*:*:*:*
- cpe:2.3:a:ideal_science:idealbb:1.5_beta1:*:*:*:*:*:*:*
- cpe:2.3:a:ideal_science:idealbb:1.5_beta2:*:*:*:*:*:*:*
- cpe:2.3:a:ideal_science:idealbb:1.5_beta3:*:*:*:*:*:*:*
- cpe:2.3:a:ideal_science:idealbb:1.5_beta4:*:*:*:*:*:*:*
- cpe:2.3:a:ideal_science:idealbb:1.5_beta5:*:*:*:*:*:*:*
- cpe:2.3:a:ideal_science:idealbb:1.5_rc1:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
9- www.idealscience.com/ibb/posts.aspxnvdPatch
- www.securityfocus.com/bid/17920nvdExploit
- secunia.com/advisories/20035nvdVendor Advisory
- lists.grok.org.uk/pipermail/full-disclosure/2006-May/045887.htmlnvd
- securityreason.com/securityalert/871nvd
- www.osvdb.org/25456nvd
- www.securityfocus.com/archive/1/433248/100/0/threadednvd
- www.vupen.com/english/advisories/2006/1729nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/26353nvd
News mentions
0No linked articles in our index yet.