Lucene search

[email protected]CVE-2006-1781

HistoryApr 13, 2006 - 10:02 a.m.

CVE-2006-1781

2006-04-1310:02:00

CWE-94

[email protected]

web.nvd.nist.gov

cve-2006-1781

php

remote file inclusion

circle r monster top list

mtl 1.4

nvd

7.6 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.209 Low

EPSS

Percentile

96.3%

JSON

PHP remote file inclusion vulnerability in functions.php in Circle R Monster Top List (MTL) 1.4 allows remote attackers to execute arbitrary PHP code via a URL in the root_path parameter. NOTE: It was later reported that 1.4.2 and earlier are affected.

CPENameOperatorVersion
circle_r:monster_top_listcircle r monster top listle1.4.2

CPE	Name	Operator	Version
circle_r:monster_top_list	circle r monster top list	le	1.4.2

References

pridels0.blogspot.com/2006/04/monstertoplist.html

secunia.com/advisories/19688

www.osvdb.org/24650

www.securityfocus.com/bid/17546

www.securityfocus.com/bid/23074

www.vupen.com/english/advisories/2006/1350

exchange.xforce.ibmcloud.com/vulnerabilities/25774

www.exploit-db.com/exploits/3530

7.6 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.209 Low

EPSS

Percentile

96.3%

JSON

Related for CVE-2006-1781

openvas2 prion1 nessus1