Lucene search

[email protected]CVE-2006-1890

HistoryApr 20, 2006 - 10:02 a.m.

CVE-2006-1890

2006-04-2010:02:00

CWE-94

[email protected]

web.nvd.nist.gov

cve-2006-1890

php

remote file inclusion

mywebland

myevent

7.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.405 Medium

EPSS

Percentile

97.2%

JSON

Multiple PHP remote file inclusion vulnerabilities in myWebland myEvent 1.2 allow remote attackers to execute arbitrary PHP code via a URL in the myevent_path parameter in (1) event.php and (2) initialize.php. NOTE: vector 2 was later reported to affect 1.4 as well.

CPENameOperatorVersion
mywebland:myeventmywebland myeventeq1.4
mywebland:myeventmywebland myeventeq1.2

CPE	Name	Operator	Version
mywebland:myevent	mywebland myevent	eq	1.4
mywebland:myevent	mywebland myevent	eq	1.2

References

secunia.com/advisories/19680

securityreason.com/securityalert/726

securityreason.com/securityalert/767

securitytracker.com/id?1016616

www.osvdb.org/24722

www.osvdb.org/24723

www.securityfocus.com/archive/1/431125/100/0/threaded

www.securityfocus.com/bid/17575

www.vupen.com/english/advisories/2006/1384

exchange.xforce.ibmcloud.com/vulnerabilities/25882

exchange.xforce.ibmcloud.com/vulnerabilities/28347

7.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.405 Medium

EPSS

Percentile

97.2%

JSON

Related for CVE-2006-1890

prion1 nessus1 openvas1