Lucene search

[email protected]CVE-2006-3735

HistoryJul 21, 2006 - 2:03 p.m.

CVE-2006-3735

2006-07-2114:03:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

227

cve-2006-3735

php

remote file inclusion

mail2forum

vulnerability

nvd

security

8.5 High

AI Score

Confidence

Low

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.319 Low

EPSS

Percentile

96.9%

JSON

Multiple PHP remote file inclusion vulnerabilities in Mail2Forum (module for phpBB) 1.2 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the m2f_root_path parameter to (1) m2f/m2f_phpbb204.php, (2) m2f/m2f_forum.php, (3) m2f/m2f_mailinglist.php or (4) m2f/m2f_cron.php.

CPENameOperatorVersion
mail2forum:mail2forummail2forumle1.2

CPE	Name	Operator	Version
mail2forum:mail2forum	mail2forum	le	1.2

References

secunia.com/advisories/21083

www.osvdb.org/27354

www.osvdb.org/27355

www.osvdb.org/27356

www.osvdb.org/27357

www.securityfocus.com/bid/19038

www.vupen.com/english/advisories/2006/2847

exchange.xforce.ibmcloud.com/vulnerabilities/27788

www.exploit-db.com/exploits/2019

8.5 High

AI Score

Confidence

Low

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.319 Low

EPSS

Percentile

96.9%

JSON