Lucene search

K
cve[email protected]CVE-2006-2852
HistoryJun 06, 2006 - 8:06 p.m.

CVE-2006-2852

2006-06-0620:06:00
CWE-94
web.nvd.nist.gov
18
php
remote file inclusion
dotwidget cms
vulnerability
cve-2006-2852

8.3 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.106 Low

EPSS

Percentile

94.9%

PHP remote file inclusion vulnerability in dotWidget CMS 1.0.6 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the file_path parameter in (1) index.php, (2) feedback.php, and (3) printfriendly.php.

8.3 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.106 Low

EPSS

Percentile

94.9%

Related for CVE-2006-2852