Lucene search

[email protected]CVE-2006-2521

HistoryMay 22, 2006 - 10:02 p.m.

CVE-2006-2521

2006-05-2222:02:00

CWE-94

[email protected]

web.nvd.nist.gov

php

remote file inclusion

vulnerability

cron.php

phpmydirectory

8.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.023 Low

EPSS

Percentile

89.6%

JSON

PHP remote file inclusion vulnerability in cron.php in phpMyDirectory 10.4.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the ROOT_PATH parameter.

CPENameOperatorVersion
accomplishtechnology:phpmydirectoryaccomplishtechnology phpmydirectoryeq1.1.1
accomplishtechnology:phpmydirectoryaccomplishtechnology phpmydirectoryeq1.4.0
accomplishtechnology:phpmydirectoryaccomplishtechnology phpmydirectoryeq1.3.5
accomplishtechnology:phpmydirectoryaccomplishtechnology phpmydirectoryeq1.1.3
accomplishtechnology:phpmydirectoryaccomplishtechnology phpmydirectoryeq1.0.7
accomplishtechnology:phpmydirectoryaccomplishtechnology phpmydirectoryeq1.4.1
accomplishtechnology:phpmydirectoryaccomplishtechnology phpmydirectoryeq1.0.6
accomplishtechnology:phpmydirectoryaccomplishtechnology phpmydirectoryeq1.1.0
accomplishtechnology:phpmydirectoryaccomplishtechnology phpmydirectoryeq1.3.4
accomplishtechnology:phpmydirectoryaccomplishtechnology phpmydirectoryeq1.2.1

CPE	Name	Operator	Version
accomplishtechnology:phpmydirectory	accomplishtechnology phpmydirectory	eq	1.1.1
accomplishtechnology:phpmydirectory	accomplishtechnology phpmydirectory	eq	1.4.0
accomplishtechnology:phpmydirectory	accomplishtechnology phpmydirectory	eq	1.3.5
accomplishtechnology:phpmydirectory	accomplishtechnology phpmydirectory	eq	1.1.3
accomplishtechnology:phpmydirectory	accomplishtechnology phpmydirectory	eq	1.0.7
accomplishtechnology:phpmydirectory	accomplishtechnology phpmydirectory	eq	1.4.1
accomplishtechnology:phpmydirectory	accomplishtechnology phpmydirectory	eq	1.0.6
accomplishtechnology:phpmydirectory	accomplishtechnology phpmydirectory	eq	1.1.0
accomplishtechnology:phpmydirectory	accomplishtechnology phpmydirectory	eq	1.3.4
accomplishtechnology:phpmydirectory	accomplishtechnology phpmydirectory	eq	1.2.1

Rows per page:

1-10 of 321

References

secunia.com/advisories/20209

www.vupen.com/english/advisories/2006/1896

exchange.xforce.ibmcloud.com/vulnerabilities/26625

www.exploit-db.com/exploits/1808

8.3 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.023 Low

EPSS

Percentile

89.6%

JSON

Related for CVE-2006-2521

prion1