Lucene search

[email protected]CVE-2006-2528

HistoryMay 22, 2006 - 10:02 p.m.

CVE-2006-2528

2006-05-2222:02:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-2528

php

remote file inclusion

classified_right.php

phpbazar 2.1.0

vulnerability

nvd

8.3 High

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.009 Low

EPSS

Percentile

82.8%

JSON

PHP remote file inclusion vulnerability in classified_right.php in phpBazar 2.1.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the language_dir parameter.

CPENameOperatorVersion
smartisoft:phpbazarsmartisoft phpbazareq2.1.0

CPE	Name	Operator	Version
smartisoft:phpbazar	smartisoft phpbazar	eq	2.1.0

References

secunia.com/advisories/20198

securityreason.com/securityalert/933

www.osvdb.org/25700

www.securityfocus.com/archive/1/434558

www.securityfocus.com/bid/18052

exchange.xforce.ibmcloud.com/vulnerabilities/26618

8.3 High

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.009 Low

EPSS

Percentile

82.8%

JSON

Related for CVE-2006-2528

prion1