Lucene search
HistoryApr 17, 2006 - 10:02 a.m.
CVE-2006-1793
cve
2006
1793
directory traversal vulnerability
runcms
remote attackers
arbitrary files
class.forumposts.php
forumpollrenderer.php
6.8 Medium
AI Score
Confidence
Low
7.6 High
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
0.009 Low
EPSS
Percentile
82.5%
Directory traversal vulnerability in runCMS 1.2 and earlier allows remote attackers to read arbitrary files via the bbPath[path] parameter to (1) class.forumposts.php and (2) forumpollrenderer.php. NOTE: this issue is closely related to CVE-2006-0659.
| CPE | Name | Operator | Version |
|---|---|---|---|
| runcms:runcms | runcms | eq | 1.1a |
| runcms:runcms | runcms | le | 1.2 |
| runcms:runcms | runcms | eq | 1.1 |
Related
prion
prion
Directory traversal
2006-04-17 10:02:00
Design/Logic Flaw
2006-02-13 11:06:00
Remote file inclusion
2008-07-28 17:41:00
nessus
nessus
RunCMS Multiple Script bbPath Parameter Remote File Inclusion
2006-02-10 00:00:00
cve
cve
CVE-2006-0659
2006-02-13 11:06:00
CVE-2008-3354
2008-07-28 17:41:00
6.8 Medium
AI Score
Confidence
Low
7.6 High
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:H/Au:N/C:C/I:C/A:C
0.009 Low
EPSS
Percentile
82.5%
Related for CVE-2006-1793