Lucene search

[email protected]CVE-2006-0945

HistoryMar 01, 2006 - 2:02 a.m.

CVE-2006-0945

2006-03-0102:02:00

CWE-94

[email protected]

web.nvd.nist.gov

php

remote file include

vulnerability

archangel weblog

nvd

7.9 High

AI Score

Confidence

Low

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.005 Low

EPSS

Percentile

75.7%

JSON

PHP remote file include vulnerability in admin/index.php in Archangel Weblog 0.90.02 allows remote authenticated administrators to execute arbitrary PHP code via a URL ending in a NULL (%00) in the index parameter.

CPENameOperatorVersion
archangelmgt:weblogarchangelmgt weblogeq0.90.02

CPE	Name	Operator	Version
archangelmgt:weblog	archangelmgt weblog	eq	0.90.02

References

securitytracker.com/id?1015689

www.osvdb.org/23621

www.securityfocus.com/archive/1/426184/100/0/threaded

www.securityfocus.com/bid/16848

exchange.xforce.ibmcloud.com/vulnerabilities/25142

7.9 High

AI Score

Confidence

Low

6.5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

0.005 Low

EPSS

Percentile

75.7%

JSON

Related for CVE-2006-0945

cvelist1 prion1