Lucene search

[email protected]CVE-2006-2863

HistoryJun 06, 2006 - 8:06 p.m.

CVE-2006-2863

2006-06-0620:06:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-2863

php

remote file inclusion

vulnerability

cs-cart 1.3.3

arbitrary code execution

url

security

8.3 High

AI Score

Confidence

Low

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.107 Low

EPSS

Percentile

95.0%

JSON

PHP remote file inclusion vulnerability in class.cs_phpmailer.php in CS-Cart 1.3.3 allows remote attackers to execute arbitrary PHP code via a URL in the classes_dir parameter.

CPENameOperatorVersion
cs-cart:cs-cartcs-carteq1.3.0
cs-cart:cs-cartcs-cartle1.3.3

CPE	Name	Operator	Version
cs-cart:cs-cart	cs-cart	eq	1.3.0
cs-cart:cs-cart	cs-cart	le	1.3.3

References

secunia.com/advisories/20440

www.attrition.org/pipermail/vim/2006-June/000824.html

www.securityfocus.com/bid/18263

www.vupen.com/english/advisories/2006/2125

exchange.xforce.ibmcloud.com/vulnerabilities/26911

www.exploit-db.com/exploits/1872

8.3 High

AI Score

Confidence

Low

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.107 Low

EPSS

Percentile

95.0%

JSON

Related for CVE-2006-2863

prion1