VYPR
Unrated severityNVD Advisory· Published Jun 19, 2006· Updated Jun 16, 2026

CVE-2006-3070

CVE-2006-3070

Description

write_ok.php in Zeroboard 4.1 pl8, when installed on Apache with mod_mime, allows remote attackers to bypass restrictions for uploading files with executable extensions by uploading a .htaccess file that with an AddType directive that assigns an executable module to files with assumed-safe extensions, as demonstrated by assigning the txt extension to be handled by application/x-httpd-php.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • cpe:2.3:a:zeroboard:zeroboard:4.1_pl8:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:zeroboard:zeroboard:4.1_pl8:*:*:*:*:*:*:*
    • (no CPE)range: =4.1 pl8

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.