{"id": "CVE-2006-0325", "bulletinFamily": "NVD", "title": "CVE-2006-0325", "description": "Etomite Content Management System 0.6, and possibly earlier versions, when downloaded from the web site in January 2006 after January 10, contains a back door in manager/includes/todo.inc.php, which allows remote attackers to execute arbitrary commands via the \"cij\" parameter.", "published": "2006-01-20T21:03:00", "modified": "2018-10-19T15:44:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-0325", "reporter": "cve@mitre.org", "references": ["http://www.etomite.org/forums/index.php?showtopic=4291", "https://exchange.xforce.ibmcloud.com/vulnerabilities/24254", "http://secunia.com/advisories/18556", "http://www.securityfocus.com/archive/1/423497/100/0/threaded", "http://www.vupen.com/english/advisories/2006/0283", "http://www.lucaercoli.it/advs/etomite.txt", "http://www.securityfocus.com/bid/16336", "http://www.etomite.org/forums/index.php?showtopic=4185", "http://www.osvdb.org/22693", "http://www.securityfocus.com/archive/1/423523/100/0/threaded"], "cvelist": ["CVE-2006-0325"], "type": "cve", "lastseen": "2019-05-29T18:08:30", "history": [], "edition": 1, "hashmap": [{"key": "affectedSoftware", "hash": "e851d6e4ef7767bb98a6047fbfcc2af1"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cpe23", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cvelist", "hash": "36bd0d916903ec1b39788296e019fb2c"}, {"key": "cvss", "hash": "0b053db5674b87efff89989a8a720df3"}, {"key": "cvss2", "hash": "a11071654cde664199dac48330e1f990"}, {"key": "cvss3", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "cwe", "hash": "934ce29157a6d45c8431abcaa5060724"}, {"key": "description", "hash": "182ae6399eacb49bf81caecdf399df4d"}, {"key": "href", "hash": "217a9e2e6fc244d7fdd0a341fd60a4b9"}, {"key": "modified", "hash": "a0abae7509ca1925004926a540e08e3b"}, {"key": "published", "hash": "5402789ac1e4ebdcd56a5b740631c38a"}, {"key": "references", "hash": "6b6feac799d0ee2a604563a6cc721231"}, {"key": "reporter", "hash": "444c2b4dda4a55437faa8bef1a141e84"}, {"key": "title", "hash": "f42a28c7d1892885fbc8bfe7d4c07c96"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "2b409a138aa08a8b557774d5d384d7dc24fa2b4c2aaeaffa00f15f30bb1b6680", "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "osvdb", "idList": ["OSVDB:22693"]}], "modified": "2019-05-29T18:08:30", "rev": 2}, "score": {"value": 7.8, "vector": "NONE", "modified": "2019-05-29T18:08:30", "rev": 2}, "vulnersScore": 7.8}, "objectVersion": "1.3", "cpe": [], "affectedSoftware": [{"name": "etomite etomite", "operator": "le", "version": "0.6"}], "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": true, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "cpe23": [], "cwe": ["CWE-78"]}

{"osvdb": [{"lastseen": "2017-04-28T13:20:19", "bulletinFamily": "software", "description": "## Vulnerability Description\nEtomite Content Management System contains a default backdoor in the 'todo.inc.php' script. A remote attacker could exploit this vulnerability by sending a specially-crafted URL to the todo.inc.php script that uses the 'cij' parameter to pass malicious code to the popen() function, allowing the attacker to execute commands on the system. While the command output is mailed to a hardcoded email address, the commands are still executed.\n## Solution Description\nUpgrade to version 0.6.1 (beta) or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## Short Description\nEtomite Content Management System contains a default backdoor in the 'todo.inc.php' script. A remote attacker could exploit this vulnerability by sending a specially-crafted URL to the todo.inc.php script that uses the 'cij' parameter to pass malicious code to the popen() function, allowing the attacker to execute commands on the system. While the command output is mailed to a hardcoded email address, the commands are still executed.\n## References:\nVendor URL: http://www.etomite.org/\nVendor Specific News/Changelog Entry: http://www.etomite.org/forums/index.php?showtopic=4185\n[Secunia Advisory ID:18556](https://secuniaresearch.flexerasoftware.com/advisories/18556/)\nOther Advisory URL: http://www.lucaercoli.it/advs/etomite.txt\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-01/0497.html\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-01/0505.html\nISS X-Force ID: 24254\n[CVE-2006-0325](https://vulners.com/cve/CVE-2006-0325)\n", "modified": "2006-01-19T08:32:33", "published": "2006-01-19T08:32:33", "href": "https://vulners.com/osvdb/OSVDB:22693", "id": "OSVDB:22693", "type": "osvdb", "title": "Etomite todo.inc.php cij Variable Arbitrary Command Execution", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}