CVE-2006-5833 - Genal Acceleration
Description
gbcms_php_files/up_loader.php GreenBeast CMS 1.3 does not require authentication to upload files which allows remote attackers to cause a denial of service (disk consumption) and execute arbitrary code by uploading arbitrary files such as executing PHP code via an uploaded PHP file.
Reference
http://newhack.org/advisories/GreenBeastCMS.txt http://www.securityfocus.com/bid/20950 http://securitytracker.com/id?1017176 http://secunia.com/advisories/22769 http://securityreason.com/securityalert/1841 http://www.vupen.com/english/advisories/2006/4416 https://exchange.xforce.ibmcloud.com/vulnerabilities/30069 http://www.securityfocus.com/archive/1/450785/100/0/threaded