Lucene search
HistoryApr 12, 2006 - 10:02 p.m.
CVE-2006-1749
cve-2006-1749
php
remote file inclusion
vulnerability
config.php
phplistpro 2.0
nvd
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.5 High
AI Score
Confidence
Low
0.079 Low
EPSS
Percentile
94.3%
PHP remote file inclusion vulnerability in config.php in phpListPro 2.0 and earlier allows remote attackers to execute arbitrary PHP code via the returnpath parameter. NOTE: this issue was later reported to affect 2.01 as well.
Affected configurations
Node
smartisoftphplistproRange≤2.0
ORsmartisoftphplistproMatch2.01
| CPE | Name | Operator | Version |
|---|---|---|---|
| smartisoft:phplistpro | smartisoft phplistpro | le | 2.0 |
| smartisoft:phplistpro | smartisoft phplistpro | eq | 2.01 |
Related
openvas
openvas
phpListPro returnpath Remote File Include Vulnerabilities
2008-10-24 00:00:00
phpListPro returnpath Remote File Include Vulnerabilities
2008-10-24 00:00:00
cvelist
cvelist
CVE-2006-1749
2006-04-12 22:00:00
CVE-2006-2323
2006-05-12 00:00:00
nvd
nvd
CVE-2006-1749
2006-04-12 22:02:00
CVE-2006-2323
2006-05-12 00:02:00
prion
prion
Remote file inclusion
2006-04-12 22:02:00
Remote file inclusion
2006-05-12 00:02:00
nessus
nessus
phpListPro Multiple Script returnpath Parameter Remote File Inclusions
2006-05-03 00:00:00
cve
cve
CVE-2006-2323
2006-05-12 00:02:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.5 High
AI Score
Confidence
Low
0.079 Low
EPSS
Percentile
94.3%
Related for CVE-2006-1749