Lucene search

[email protected]CVE-2006-2483

HistoryMay 19, 2006 - 11:02 p.m.

CVE-2006-2483

2006-05-1923:02:00

[email protected]

web.nvd.nist.gov

264

cve-2006-2483

php

remote file inclusion

squirrelcart 2.2.2

vulnerability

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

7.6 High

AI Score

Confidence

High

0.027 Low

EPSS

Percentile

90.6%

JSON

PHP remote file inclusion vulnerability in cart_content.php in Squirrelcart 2.2.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the cart_isp_root parameter.

Affected configurations

NVD

Node

lighthouse_developmentsquirrelcartMatch1.5.5

lighthouse_developmentsquirrelcartMatch1.6

lighthouse_developmentsquirrelcartMatch2.2.2

CPENameOperatorVersion
lighthouse_development:squirrelcartlighthouse development squirrelcarteq1.5.5
lighthouse_development:squirrelcartlighthouse development squirrelcarteq1.6
lighthouse_development:squirrelcartlighthouse development squirrelcarteq2.2.2

CPE	Name	Operator	Version
lighthouse_development:squirrelcart	lighthouse development squirrelcart	eq	1.5.5
lighthouse_development:squirrelcart	lighthouse development squirrelcart	eq	1.6
lighthouse_development:squirrelcart	lighthouse development squirrelcart	eq	2.2.2

References

secunia.com/advisories/20121

www.ldev.com/forums/showthread.php?p=9976#post9976

www.osvdb.org/25523

www.securityfocus.com/bid/17992

www.vupen.com/english/advisories/2006/1818

exchange.xforce.ibmcloud.com/vulnerabilities/26443

www.exploit-db.com/exploits/1790

6.4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

7.6 High

AI Score

Confidence

High

0.027 Low

EPSS

Percentile

90.6%

JSON

Related for CVE-2006-2483

prion1 nvd1 cvelist1 nessus1