Lucene search

K
cve[email protected]CVE-2006-1208
HistoryMar 14, 2006 - 1:06 a.m.

CVE-2006-1208

2006-03-1401:06:00
web.nvd.nist.gov
31
cve-2006-1208
sergey korostel
php upload center
remote code execution
php.li extension
security vulnerability

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.6 High

AI Score

Confidence

High

0.03 Low

EPSS

Percentile

91.0%

Sergey Korostel PHP Upload Center allows remote attackers to execute arbitrary PHP code by uploading a file whose name ends in a .php.li extension, which can be accessed from the upload directory.

Affected configurations

NVD
Node
sergey_korostelphp_upload_center

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.6 High

AI Score

Confidence

High

0.03 Low

EPSS

Percentile

91.0%

Related for CVE-2006-1208