Lucene search
HistoryMar 07, 2006 - 11:02 a.m.
CVE-2006-1032
cve-2006-1032
eval injection
phprpc
rpc_decoder.php
security vulnerability
remote code execution
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.7 High
AI Score
Confidence
Low
0.151 Low
EPSS
Percentile
95.9%
Eval injection vulnerability in the decode function in rpc_decoder.php for phpRPC 0.7 and earlier, as used by runcms, exoops, and possibly other programs, allows remote attackers to execute arbitrary PHP code via the base64 tag.
Affected configurations
Node
phprpcphprpcMatch0.7
ORphprpcphprpcMatch0.8
ORphprpcphprpcMatch0.9
| CPE | Name | Operator | Version |
|---|---|---|---|
| phprpc:phprpc | phprpc | eq | 0.7 |
| phprpc:phprpc | phprpc | eq | 0.8 |
| phprpc:phprpc | phprpc | eq | 0.9 |
References
Related
saint
saint
phpRPC decode function command execution
2006-03-13 00:00:00
phpRPC decode function command execution
2006-03-13 00:00:00
phpRPC decode function command execution
2006-03-13 00:00:00
exploitpack
exploitpack
phpRPC 0.7 - Remote Code Execution
2016-02-26 00:00:00
prion
prion
Design/Logic Flaw
2006-03-07 11:02:00
nessus
nessus
phpRPC Library rpc_decoder.php decode() Function Arbitrary Code Execution
2006-02-28 00:00:00
cvelist
cvelist
CVE-2006-1032
2006-03-07 11:00:00
nvd
nvd
CVE-2006-1032
2006-03-07 11:02:00
exploitdb
exploitdb
phpRPC < 0.7 - Remote Code Execution
2016-02-26 00:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.7 High
AI Score
Confidence
Low
0.151 Low
EPSS
Percentile
95.9%
Related for CVE-2006-1032