Lucene search

[email protected]CVE-2006-1294

HistoryMar 19, 2006 - 11:02 p.m.

CVE-2006-1294

2006-03-1923:02:00

[email protected]

web.nvd.nist.gov

cve-2006-1294

php

remote file include

vulnerability

knowledgebasepublisher 1.2

url

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.5 High

AI Score

Confidence

High

0.145 Low

EPSS

Percentile

95.8%

JSON

PHP remote file include vulnerability in PageController.php in KnowledgebasePublisher 1.2 allows remote attackers to include and execute arbitrary PHP code via a URL in the dir parameter.

Affected configurations

NVD

Node

knowledgebasepublisherknowledgebasepublisherMatch1.2

CPENameOperatorVersion
knowledgebasepublisher:knowledgebasepublisherknowledgebasepublishereq1.2

CPE	Name	Operator	Version
knowledgebasepublisher:knowledgebasepublisher	knowledgebasepublisher	eq	1.2

References

secunia.com/advisories/19298

sourceforge.net/project/shownotes.php?release_id=402179&group_id=144153

www.osvdb.org/24002

www.securityfocus.com/bid/17120

www.vupen.com/english/advisories/2006/1020

exchange.xforce.ibmcloud.com/vulnerabilities/25338

www.exploit-db.com/exploits/1587

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.5 High

AI Score

Confidence

High

0.145 Low

EPSS

Percentile

95.8%

JSON

Related for CVE-2006-1294

nvd1 prion1 cvelist1