Lucene search

[email protected]CVE-2006-2122

HistoryMay 01, 2006 - 10:06 p.m.

CVE-2006-2122

2006-05-0122:06:00

CWE-94

[email protected]

web.nvd.nist.gov

php

remote file inclusion

vulnerability

coolmenus

index.php

nvd

8.4 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.088 Low

EPSS

Percentile

94.4%

JSON

PHP remote file inclusion vulnerability in index.php in CoolMenus allows remote attackers to execute arbitrary code via a URL in the page parameter. NOTE: the original report for this issue is probably erroneous, since CoolMenus does not appear to be written in PHP.

CPENameOperatorVersion
coolmenus:coolmenuscoolmenuseq4.0

CPE	Name	Operator	Version
coolmenus:coolmenus	coolmenus	eq	4.0

References

kurdishsecurity.blogspot.com/2006/04/coolmenus-event-remote-file-include.html

securityreason.com/securityalert/823

www.dhtmlcentral.com/projects/coolmenus/

www.securityfocus.com/archive/1/432395/100/0/threaded

www.securityfocus.com/archive/1/432597/100/0/threaded

www.securityfocus.com/archive/1/432630/100/0/threaded

www.securityfocus.com/bid/17738

8.4 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.088 Low

EPSS

Percentile

94.4%

JSON

Related for CVE-2006-2122

prion1