Lucene search
MitreCVE-2006-3520HistoryJul 12, 2006 - 12:05 a.m.
CVE-2006-3520
2006-07-1200:05:00
mitre
web.nvd.nist.gov
290
cve-2006-3520
php
remote file inclusion
vulnerability
sabdrimer pro 2.2.4
register_globals
pluginpath parameter
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.5
Confidence
High
EPSS
0.056
Percentile
93.3%
PHP remote file inclusion vulnerability in skins/advanced/advanced1.php in Sabdrimer Pro 2.2.4, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the pluginpath[0] parameter.
Affected configurations
Node
sabdrimer_cmssabdrimer_cmsRange≤2.2.4
| Vendor | Product | Version | CPE |
|---|---|---|---|
| sabdrimer_cms | sabdrimer_cms | * | cpe:2.3:a:sabdrimer_cms:sabdrimer_cms:*:*:*:*:*:*:*:* |
Related
checkpoint_advisories
checkpoint_advisories
nvd
nvd
CVE-2006-3520
2006-07-12 00:05:00
cvelist
cvelist
CVE-2006-3520
2006-07-12 00:00:00
exploitdb
exploitdb
Sabdrimer PRO 2.2.4 - 'pluginpath' Remote File Inclusion
2006-07-09 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.5
Confidence
High
EPSS
0.056
Percentile
93.3%
Related for CVE-2006-3520