Lucene search
HistoryJun 09, 2006 - 10:02 a.m.
CVE-2006-2929
cve
2006
2929
php
remote file inclusion
openemr
security vulnerability
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.5 High
AI Score
Confidence
High
0.054 Low
EPSS
Percentile
93.1%
PHP remote file inclusion vulnerability in contrib/forms/evaluation/C_FormEvaluation.class.php in OpenEMR 2.8.1 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[fileroot] parameter.
Affected configurations
Node
openemropenemrRange≤2.8.1
| CPE | Name | Operator | Version |
|---|---|---|---|
| openemr:openemr | openemr | le | 2.8.1 |
Related
nessus
nessus
OpenEMR C_FormEvaluation.class.php fileroot Parameter Remote File Inclusion
2006-06-09 00:00:00
prion
prion
Remote file inclusion
2006-06-09 10:02:00
nvd
nvd
CVE-2006-2929
2006-06-09 10:02:00
cvelist
cvelist
CVE-2006-2929
2006-06-09 10:00:00
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.5 High
AI Score
Confidence
High
0.054 Low
EPSS
Percentile
93.1%
Related for CVE-2006-2929