Lucene search

[email protected]CVE-2006-2245

HistoryMay 09, 2006 - 10:02 a.m.

CVE-2006-2245

2006-05-0910:02:00

CWE-94

[email protected]

web.nvd.nist.gov

php

remote file inclusion

vulnerability

auction

phpbb

7.8 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.085 Low

EPSS

Percentile

94.4%

JSON

PHP remote file inclusion vulnerability in auction\auction_common.php in Auction mod 1.3m for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.

CPENameOperatorVersion
phpbb_group:phpbb-auctionphpbb group phpbb-auctioneq1.2m
phpbb_group:phpbb-auctionphpbb group phpbb-auctioneq1.3m
phpbb_group:phpbb-auctionphpbb group phpbb-auctioneq1.0m

CPE	Name	Operator	Version
phpbb_group:phpbb-auction	phpbb group phpbb-auction	eq	1.2m
phpbb_group:phpbb-auction	phpbb group phpbb-auction	eq	1.3m
phpbb_group:phpbb-auction	phpbb group phpbb-auction	eq	1.0m

References

pridels0.blogspot.com/2006/05/phpbb-auction-mod-remote-file.html

secunia.com/advisories/19944

www.osvdb.org/25263

www.securityfocus.com/bid/17822

www.vupen.com/english/advisories/2006/1641

exchange.xforce.ibmcloud.com/vulnerabilities/26192

7.8 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.085 Low

EPSS

Percentile

94.4%

JSON

Related for CVE-2006-2245

prion1 nessus1