Lucene search

[email protected]CVE-2006-0565

HistoryFeb 06, 2006 - 11:02 p.m.

CVE-2006-0565

2006-02-0623:02:00

CWE-94

[email protected]

web.nvd.nist.gov

php

remote file include

vulnerability

loudblog 0.4

security

exploit

7.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.271 Low

EPSS

Percentile

96.7%

JSON

PHP remote file include vulnerability in inc/backend_settings.php in Loudblog 0.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the $GLOBALS[path] parameter.

CPENameOperatorVersion
gerrit_van_aaken:loudbloggerrit van aaken loudblogle0.4
gerrit_van_aaken:loudbloggerrit van aaken loudblogeq0.2
gerrit_van_aaken:loudbloggerrit van aaken loudblogeq0.3
gerrit_van_aaken:loudbloggerrit van aaken loudblogeq0.1

CPE	Name	Operator	Version
gerrit_van_aaken:loudblog	gerrit van aaken loudblog	le	0.4
gerrit_van_aaken:loudblog	gerrit van aaken loudblog	eq	0.2
gerrit_van_aaken:loudblog	gerrit van aaken loudblog	eq	0.3
gerrit_van_aaken:loudblog	gerrit van aaken loudblog	eq	0.1

References

retrogod.altervista.org/loudblog_04_incl_xpl.html

secunia.com/advisories/18722

securityreason.com/securityalert/410

securityreason.com/securityalert/556

securitytracker.com/id?1015583

www.osvdb.org/22921

www.securityfocus.com/archive/1/423947/100/0/threaded

www.securityfocus.com/bid/16495

www.vupen.com/english/advisories/2006/0441

exchange.xforce.ibmcloud.com/vulnerabilities/24479

7.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.271 Low

EPSS

Percentile

96.7%

JSON

Related for CVE-2006-0565

prion1 nessus1