Lucene search

[email protected]CVE-2006-1747

HistoryApr 12, 2006 - 10:02 p.m.

CVE-2006-1747

2006-04-1222:02:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve

php

remote file inclusion

vulnerability

vwar 1.5.0

7.6 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.074 Low

EPSS

Percentile

94.0%

JSON

PHP remote file inclusion vulnerability in Virtual War (VWar) 1.5.0 allows remote attackers to execute arbitrary PHP code via a URL in the vwar_root parameter to (1) admin/admin.php, (2) war.php, (3) stats.php, (4) news.php, (5) joinus.php, (6) challenge.php, (7) calendar.php, (8) member.php, (9) popup.php, and other unspecified scripts in the admin folder. NOTE: these are different attack vectors than CVE-2006-1636 and CVE-2006-1503.

CPENameOperatorVersion
vwar:virtual_warvwar virtual wareq1.5.0

CPE	Name	Operator	Version
vwar:virtual_war	vwar virtual war	eq	1.5.0

References

liz0zim.no-ip.org/vwar.txt

marc.info/?l=bugtraq&m=115497619330609&w=2

www.blogcu.com/Liz0ziM/431925/

www.securityfocus.com/archive/1/430389/100/0/threaded

www.securityfocus.com/bid/17443

www.securityfocus.com/bid/19387

exchange.xforce.ibmcloud.com/vulnerabilities/28265

www.exploit-db.com/exploits/1658

7.6 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.074 Low

EPSS

Percentile

94.0%

JSON

Related for CVE-2006-1747

prion4 cve3 checkpoint_advisories2