Lucene search

[email protected]CVE-2006-3040

HistoryJun 15, 2006 - 10:02 a.m.

CVE-2006-3040

2006-06-1510:02:00

[email protected]

web.nvd.nist.gov

cve-2006-3040

php

remote file inclusion

vulnerability

talkbox.php

amr talkbox

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.9 High

AI Score

Confidence

Low

0.016 Low

EPSS

Percentile

87.4%

JSON

PHP remote file inclusion vulnerability in talkbox.php in Amr Talkbox allows remote attackers to execute arbitrary PHP code via a URL in the direct parameter. NOTE: this issue has been disputed by CVE, since the $direct variable is set to a static value just before the include statement

Affected configurations

NVD

Node

amr_talkboxamr_talkbox

CPENameOperatorVersion
amr_talkbox:amr_talkboxamr talkboxeq*

CPE	Name	Operator	Version
amr_talkbox:amr_talkbox	amr talkbox	eq	*

References

securityreason.com/securityalert/1105

www.osvdb.org/27455

www.securityfocus.com/archive/1/436993/100/0/threaded

www.securityfocus.com/archive/1/437266/100/0/threaded

exchange.xforce.ibmcloud.com/vulnerabilities/27122

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.9 High

AI Score

Confidence

Low

0.016 Low

EPSS

Percentile

87.4%

JSON

Related for CVE-2006-3040

cvelist1 nvd1