CVE-2006-4922

Site@School <2.4.02 - RCE

Title source: llm

Description

Unrestricted file upload vulnerability in starnet/editors/htmlarea/popups/images.php in Site@School (S@S) 2.4.02 and earlier allows remote attackers to upload and execute arbitrary files with executable extensions.

Exploits (1)

exploitdb WORKING POC VERIFIED
by simo64 · perlwebappsphp
https://www.exploit-db.com/exploits/2374

References (4)

Scores

EPSS 0.0620
EPSS Percentile 90.9%

Details

Status published
Products (1)
siteatschool/siteatschool < 2.4.02
Published Sep 21, 2006
Tracked Since Feb 18, 2026